andacredito.mx Open in urlscan Pro
35.235.93.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://clnk.si/UjTca
Effective URL:
https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub...
Submission: On September 12 via manual (September 12th 2023, 6:31:01 pm UTC) from CO — Scanned from NL

Summary HTTP 160 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 30 IPs in 9 countries across 32 domains to perform 160 HTTP transactions. The main IP is 35.235.93.22, located in Los Angeles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is andacredito.mx.
TLS certificate: Issued by R3 on August 6th 2023. Valid for: 3 months.

This is the only time andacredito.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.241.222.91 35.241.222.91	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.90.46.36 34.90.46.36	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.235.93.22 35.235.93.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
20	35.201.76.189 35.201.76.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.77.94.206 34.77.94.206	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 22	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	34.107.249.96 34.107.249.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	35.240.92.105 35.240.92.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3 6	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3 22	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 3	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:316a:16ef:4691:e00e	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	3.123.242.198 3.123.242.198	16509 (AMAZON-02) (AMAZON-02)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:3f47:79b8:5807:be29	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.226.29 3.120.226.29	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
160	30

2 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

clnk.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.222.91 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 91.222.241.35.bc.googleusercontent.com

sl.crezu.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sl.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.46.36 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.46.90.34.bc.googleusercontent.com

track.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.235.93.22 (Los Angeles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.93.235.35.bc.googleusercontent.com

andacredito.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 35.201.76.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.76.201.35.bc.googleusercontent.com

cdn.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.77.94.206 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.94.77.34.bc.googleusercontent.com

workers.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.249.96 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.249.107.34.bc.googleusercontent.com

cdn.morecashpls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.240.92.105 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.92.240.35.bc.googleusercontent.com

events.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:316a:16ef:4691:e00e (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.242.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-242-198.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:3f47:79b8:5807:be29 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.226.29 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-226-29.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 152	447 KB
41	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	218 KB
25	crezu.net 1 redirects track.crezu.net cdn.crezu.net — Cisco Umbrella Rank: 868264 workers.crezu.net sl.crezu.net events.crezu.net — Cisco Umbrella Rank: 914538	1 MB
12	gstatic.com www.gstatic.com fonts.gstatic.com	118 KB
10	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2787 www.google.com — Cisco Umbrella Rank: 2	1 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1183 www.googleadservices.com — Cisco Umbrella Rank: 151	608 B
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 1045 r.turn.com — Cisco Umbrella Rank: 4512	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	227 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56	5 KB
4	morecashpls.com cdn.morecashpls.com	24 KB
3	blismedia.com 2 redirects tr.blismedia.com — Cisco Umbrella Rank: 2251	965 B
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 928	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	213 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1071	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5082	647 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	291 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7890	935 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 980 s.tribalfusion.com — Cisco Umbrella Rank: 2310	1 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 641	725 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 478	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 929	924 B
2	google.nl www.google.nl — Cisco Umbrella Rank: 9099	562 B
2	andacredito.mx andacredito.mx	2 KB
2	clnk.si 2 redirects clnk.si	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 884	340 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 406	149 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2022	297 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49764	612 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 943	716 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1784	587 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3499	104 B
1	crezu.mx 1 redirects sl.crezu.mx	625 B
160	32

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
22	cm.g.doubleclick.net	3 redirects andacredito.mx googleads.g.doubleclick.net
20	cdn.crezu.net	andacredito.mx cdn.crezu.net
18	pagead2.googlesyndication.com	www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
18	googleads.g.doubleclick.net	4 redirects www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net
10	www.gstatic.com	googleads.g.doubleclick.net
8	www.googleadservices.com	andacredito.mx
7	www.google.com	3 redirects andacredito.mx googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	cdn.morecashpls.com	cdn.crezu.net andacredito.mx
3	tr.blismedia.com	2 redirects googleads.g.doubleclick.net
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	r.turn.com	andacredito.mx
3	ad.turn.com	3 redirects
3	region1.analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	andacredito.mx www.googletagmanager.com
2	pm.w55c.net	2 redirects
2	d5p.de17a.com	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	ads.travelaudience.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	dis.criteo.com	googleads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	2 redirects
2	id.rlcdn.com	2 redirects
2	events.crezu.net	cdn.crezu.net
2	www.google.nl	andacredito.mx
2	andacredito.mx	andacredito.mx
2	clnk.si	2 redirects
1	onetag-sys.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	s.tribalfusion.com	andacredito.mx
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	sl.crezu.net	cdn.crezu.net
1	workers.crezu.net	cdn.crezu.net
1	track.crezu.net	1 redirects
1	sl.crezu.mx	1 redirects
160	44

This site contains links to these domains. Also see Links.

Domain
track.crezu.net

Subject Issuer	Validity	Valid
andacredito.mx R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cdn.crezu.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-29` - `2023-12-30`	a year	crt.sh
workers.crezu.net R3	`2023-08-18` - `2023-11-16`	3 months	crt.sh
sl.crezu.net R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cdn.morecashpls.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-04` - `2024-02-04`	a year	crt.sh
*.google.nl GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
events.crezu.net R3	`2023-08-27` - `2023-11-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Frame ID: 0D4366BC35C79CF9CFF891F229EB9420
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html
Frame ID: 3C9A60C129F8C72493E2A3DDB637A4CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=7429060818&adk=1462056812&adf=3069310087&pi=t.ma~as.7429060818&w=910&fwrn=4&fwrnh=100&lmt=1673874971&rafmt=1&format=910x280&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694543457162&bpp=3&bdt=670&idt=307&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&correlator=5146804810180&frm=20&pv=2&ga_vid=1289939299.1694543457&ga_sid=1694543457&ga_hid=1817543865&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C44797664&oid=2&pvsid=911798413310443&tmod=900902517&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Kg3WjrRBRQ&p=https%3A//andacredito.mx&dtd=319
Frame ID: 8551BAE0D97C88F974A2E6B1A44A060F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&adk=1812271804&adf=3025194257&lmt=1673874971&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694543457174&bpp=1&bdt=682&idt=313&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=910x280&nras=1&correlator=5146804810180&frm=20&pv=1&ga_vid=1289939299.1694543457&ga_sid=1694543457&ga_hid=1817543865&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C44797664&oid=2&pvsid=911798413310443&tmod=900902517&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=321
Frame ID: 88449B9936B69BE237F30FEB13BE9BC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&adk=1812271804&adf=1573534164&lmt=1673874971&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694543457175&bpp=1&bdt=683&idt=322&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=910x280%2C0x0&nras=2&correlator=5146804810180&frm=20&pv=1&ga_vid=1289939299.1694543457&ga_sid=1694543457&ga_hid=1817543865&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C44797664&oid=2&pvsid=911798413310443&tmod=900902517&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=325
Frame ID: 53C29AB953096A9FD28561348A99BB64
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 689E2822A405109AE3FE510802DDD50E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: DC7F13CFDA65CE2F14C13D5D4CDD10D5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8CF2738057457889CE338A781F1151CF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: B93BD4EA4FC1000113C57A10EBFC5366
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: 2AE51FD90CC509229128CE4F0E77A043
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 11C1B0DD632997D07760CB4A0EC9AEDF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 065E9E2F3FDF4B43E8C6FC6D7316489C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A0E880DD4BF2ED81EE630A654F973270
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D05F823132827087FA8E73248DD81051
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EACA2817254CB301E92E79B9A0FE79AB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 62F35EF8537B4D88CE41D99519454D5B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: A8593771F0DEB02D87081A8FBF5EB2AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: BD056278EB088054A8B8A599F1CF6A1C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: EDF8B03305A0CCDC047B8074F8CC13C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4069B86BE69DABCD4B068F2CB923A16C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49A58C02215B3FE3F6CC570A365B2F3E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ofertas de préstamos rápidos | AndaCrédito

Page URL History Show full URLs

http://clnk.si/UjTca HTTP 301
https://clnk.si/UjTca HTTP 302
https://sl.crezu.mx/crm?lead_id=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&landing=of... HTTP 302
https://track.crezu.net/click?offer_id=216&sub1=efb720285b2f4bf9b1c31668b81689ff&pid=2&sub2=mx-sms-w... HTTP 302
https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&su... Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

160
Requests

86 %
HTTPS

48 %
IPv6

32
Domains

44
Subdomains

30
IPs

9
Countries

2683 kB
Transfer

5677 kB
Size

37
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://track.crezu.net/click?offer_id=34&pid=2&sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3-landing-offers&sub4=0&sub3=sl-crm&sub6=5&r=223
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=468&pid=2&sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3-landing-offers&sub4=1&sub3=sl-crm&sub6=5&r=288
Title: Solicítalо ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=302&pid=2&sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3-landing-offers&sub4=2&sub3=sl-crm&sub6=5&r=224
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=32&pid=2&sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3-landing-offers&sub4=3&sub3=sl-crm&sub6=5&r=724
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=52&pid=2&sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3-landing-offers&sub4=4&sub3=sl-crm&sub6=5&r=49
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=593&pid=2&sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3-landing-offers&sub4=5&sub3=sl-crm&sub6=5&r=5
Title: Contrata ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=30&pid=2&sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3-landing-offers&sub4=6&sub3=sl-crm&sub6=5&r=79
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=297&pid=2&sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3-landing-offers&sub4=7&sub3=sl-crm&sub6=5&r=927
Title: Quiero mi tarjeta

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=53&pid=2&sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3-landing-offers&sub4=8&sub3=sl-crm&sub6=5&r=222
Title: Solicítalo ahora

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://clnk.si/UjTca HTTP 301
https://clnk.si/UjTca HTTP 302
https://sl.crezu.mx/crm?lead_id=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&landing=offers HTTP 302
https://track.crezu.net/click?offer_id=216&sub1=efb720285b2f4bf9b1c31668b81689ff&pid=2&sub2=mx-sms-welcome3&sub3=sl-crm&sub6=5&sub4=0 HTTP 302
https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1&google_push=AXcoOmRObebBCb9Wkx87TB5nJXYcAZkfRZH8L_BZjoL8y4HtBVPj4mQXRnBtrRJO83gDPBgo6HT6OOoMG3kNJrOtlL2s3d0KTOZh8wmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk5NDE0ODQ4MTY2MTMxNjEyOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1

Request Chain 63

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQnA7PJglkPcotAPjCh8x1af_3k6ernpW2XJ-w3PkbThRjFYtN0G7WBG64qWygC708GuG5GB4qT2vCXHuStiGELp2mFBZmZFaIn&google_gid=CAESEGG48gyYeFjlVRo-Pk8FJmo&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOLcgqgGEgUI6AcQAEIASnRnb29nbGVfcHVzaD1BWGNvT21RbkE3UEpnbGtQY290QVBqQ2g4eDFhZl8zazZlcm5wVzJYSi13M1BrYlRoUmpGWXROMEc3V0JHNjRxV3lnQzcwOEd1RzVHQjRxVDJ2Q1hIdVN0aUdFTHAybUZCWm1aRmFJbg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWDRKek1WQmhHSFlFOGp5ZkNOU01aOTE5aFBfZnFrWHhXQzRBRWpEemtRdw==&google_push

Request Chain 64

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED_e_Qp7duUKi0ZtSolIQI0&google_cver=1&google_push=AXcoOmTEciRNhK4poccbgLPdMkZx8woZJPP6k8ng7DQyzQBseAfY_AsyeTEshu0ijo8UnVNpQ_GER5-3kyeuPzgIgP7S61ASfAtd3O7v HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTEciRNhK4poccbgLPdMkZx8woZJPP6k8ng7DQyzQBseAfY_AsyeTEshu0ijo8UnVNpQ_GER5-3kyeuPzgIgP7S61ASfAtd3O7v&google_hm=eS1ybkFKU2tKRTJwR09FTFFyQy5wd2hBRnFNczJFaWJTSH5B

Request Chain 73

https://googleads.g.doubleclick.net/pagead/adview?ai=CyA7XYa4AZYLiIIe86wTJqJG4As7y4vdytLqt1YgSp-mrioEwEAEgz8OZc2CRhKCFjBigAYSMmbwCyAEJqAMByAPLBKoE3gJP0GnL5q0pAFSp6Yshl1hGPGK0Fsywbx1JpS_HR0N5WJvzpZgktEdHBDdlsSb_Iw1gG4QZCdqbil3qCVMLbM1BHE35JOoWulwRjizdNgvP6QxVWA5OL5BX-uWAQgRauqu5ZA_I6zjSS4ASG7BzPF-4XXbj1l-CnQu-AD-ZrQzWoT4bI-YrerhQmBLfvUkfKXsq5ywGrBOBzW2fr57XmBUsLCZOf6T4GUVpubx8lVhGhaxBmixAhMHyJMyF2HNQadMD3cTlxYISlpfuybyHBiZ3gj4H-AQOIgBCMEPQ2GxgEMJmQI5WIR_bzSTaXAF6qoRBlAVfroikezSDwcBdiggvqxstQmFvvplb3PPRQEIx99cY773BWBpluxi1FLOzHGBJEtRjsVQKe9v0YHrXpGrIJ7MWcaXWjDvtE3ZPDqx54M828eYoFTo0yiTJkbDjnMKethF-5EJRkhcqZDTPlsAE-6XH64MEiAW8877mPpIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfyx4DxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMCvC9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSpodHRwczovL2dldHN0YXJ0ZWQudGlrdG9rLmNvbS9nb2Z1bGx0aWt0b2uACgHICwG4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTYzNzM3MDU5MzY5MDcyNzQYAA&sigh=v4_3a3H_Evg&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWdepTc2maFDB4cfr9feBMEpWz5IBoZhfsEM7iI22bRvwCpayXGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221747745891332855143%22,%22debug_reporting%22:true,%22destination%22:%22https://tiktok.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22663111172%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213540991827155480849%22}&andc=true

Request Chain 114

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENEIei_V6iRFyLBswkL-_dk&google_cver=1&google_push=AXcoOmToQ-f3cGY3I1lgxWCOtoa47ApqJaD3HOb54UZ0o3OLp-JIutaWc9AxTfJ4kaQzgrIGfBaOuxPnNvg_YH3cKgnF2wQVCwrg7f4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk5NDE0ODQ4MTY2MTMxNjEyOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1

Request Chain 115

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKmCpifcpaDIlb8WZIiYD-Y&google_cver=1&google_push=AXcoOmQwUix8yOqXdRmirFFx-BmLcsqGoRmXsDvoJAhi5TxwjdGrmYUUON3cNfUfvqhXThxfyalVdRcpJtN4_tyGNwTFC_juJJr9ttw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQwUix8yOqXdRmirFFx-BmLcsqGoRmXsDvoJAhi5TxwjdGrmYUUON3cNfUfvqhXThxfyalVdRcpJtN4_tyGNwTFC_juJJr9ttw&google_hm=tBBPRNq4WMso9jZxfV2KMw

Request Chain 116

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMBHssNtg0pUJKwnmKY1LRs&google_cver=1&google_push=AXcoOmSH6wXLpfBCopjjhreb3MOH11eTSBdFU7yEFPN6T5HaXI90IXO2q0QYCn4M1gxmyym-VOxFPr6OWRhREGj39TTkO_bIzxk6zA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSH6wXLpfBCopjjhreb3MOH11eTSBdFU7yEFPN6T5HaXI90IXO2q0QYCn4M1gxmyym-VOxFPr6OWRhREGj39TTkO_bIzxk6zA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMBHssNtg0pUJKwnmKY1LRs&google_cver=1&google_push=AXcoOmSH6wXLpfBCopjjhreb3MOH11eTSBdFU7yEFPN6T5HaXI90IXO2q0QYCn4M1gxmyym-VOxFPr6OWRhREGj39TTkO_bIzxk6zA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSH6wXLpfBCopjjhreb3MOH11eTSBdFU7yEFPN6T5HaXI90IXO2q0QYCn4M1gxmyym-VOxFPr6OWRhREGj39TTkO_bIzxk6zA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 117

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIFa_QTJIEdMkRbFOjgcvvM&google_cver=1&google_push=AXcoOmROmpro5_7PDallcph-GXjyLlqddS5s1ZwFw4457IGaTmh58DIg3zRCL-KpMxX8MMkcTYdRHTWSpupGNFZVxC5LiecUGk5kCcE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3ODAwODczMzc5MDYzMjA4Mg%3D%3D&google_push=AXcoOmROmpro5_7PDallcph-GXjyLlqddS5s1ZwFw4457IGaTmh58DIg3zRCL-KpMxX8MMkcTYdRHTWSpupGNFZVxC5LiecUGk5kCcE

Request Chain 118

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIcUHCoTYHitWw29yHH5Njw&google_cver=1&google_push=AXcoOmQ0nCchCVFG_Vuut1uW5HCgpIPAGl-ImSXvKj8UQ80GZieJRdKOEsJMC0-nLQ4YyDRL5WbbmJH8RjgL4XepWVSZyxKyt3UEyOc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=w60dX_1HTyO1kYa0UYjPOg&google_push=AXcoOmQ0nCchCVFG_Vuut1uW5HCgpIPAGl-ImSXvKj8UQ80GZieJRdKOEsJMC0-nLQ4YyDRL5WbbmJH8RjgL4XepWVSZyxKyt3UEyOc

Request Chain 122

https://googleads.g.doubleclick.net/pagead/adview?ai=CN8qsYa4AZf6VIoXV6wTby56IC4q2ne9vy5eQ9bYNlL-1q64BEAEgz8OZc2CRhKCFjBigAdnj7sECyAEBqQKyk_JsigSyPqgDAcgDywSqBOQCT9AeYBTkgFveW6jAqhNsxBhIqTToEhI_dmYTnQQKai4C4X4jR58rGZrjrVou0IMEr1GVm7J3XiTXWWGzlypW-Cuxmqllh2gWzmq4hgRj0dWSFrqxEXQs4a5eNptmI-7_XwxcrgZILEuBjIIxQJOMWuefS8WJcTrRlwZfpQ0_mW8HMzXq6QGH_YRgNMnFHbfdaLJLMUILK2YK8hGDAEi7SRDCN4OkL3SknzF2nDNiYOf6uEfJ7Mn4fzlrh8enmUURwSsqQM-55YelfIHD8xXmqulwsrUm5l6bega2lj4ozkr5-Q2EuL1xyUhutm2bsjebREkv2I4uldw0hE-9TY9otZHvPfI2rH7sdDRXL9pvfU907Z7bJOwIVc6cw-GMGm15B3ToIFtFoYW4qoOoKqdJT3npt0K0zSn_dasYZj0q6mUBovQeG-x0M1YdR6XuVh9B0GBewebfeO--pzdz5XPtW03LGcvABPujy5i6A4gFrOWFzS6SBQQIBBgBkgUECAUYBIAHjOfBvQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCRjFPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkfaHR0cHM6Ly9kb21lay5ubC9lcy9jYWxjdWxhZG9yL4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MzczNzA1OTM2OTA3Mjc0GAA&sigh=MUfzQUgjPcY&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWCalzyPKTfzat6YlOgjsDFsDZsxOr3qRxZKCsI99OVXLE_8YuGAE&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22831027826563187998%22,%22debug_reporting%22:true,%22destination%22:%22https://domek.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22675000793%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226502207190647356785%22}&andc=true

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKmCpifcpaDIlb8WZIiYD-Y&google_cver=1&google_push=AXcoOmRbJYxo8eNTr6T6MSZV-jAi6NZy1uiPGULUCOBLNVntXofOqO9ltGEvUM5nKxwVYrbu6reMXthoi2lUdejrmWsJcfWjU_leng HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRbJYxo8eNTr6T6MSZV-jAi6NZy1uiPGULUCOBLNVntXofOqO9ltGEvUM5nKxwVYrbu6reMXthoi2lUdejrmWsJcfWjU_leng&google_hm=tBBPRNq4WMso9jZxfV2KMw

Request Chain 126

https://um.simpli.fi/gp_match?google_gid=CAESEOhmH2wu7qXccYJCx_wxU8M&google_cver=1&google_push=AXcoOmRzQBAiJzJkmDm24hNtj90gzaOks2mY-Z8m1-grjN6s_i59ElUaaWUFYLhPiIqBVcgYnCUnsQT0jfMIbEZfMV7VXzYwZlqimA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BAE417907EEF40AAAC2DAF945279B8E8&google_push=AXcoOmRzQBAiJzJkmDm24hNtj90gzaOks2mY-Z8m1-grjN6s_i59ElUaaWUFYLhPiIqBVcgYnCUnsQT0jfMIbEZfMV7VXzYwZlqimA

Request Chain 127

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENOh8l37bjGv6gtdupOBoyU&google_cver=1&google_push=AXcoOmRWZKMEpeyjASjX_erTQpoVh83EvJxBts-BNYzupOkleZbffuyz3pTPjY63XEGWfSS220UHYDZSLFqhO6juiusfLNaszYHoOw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRWZKMEpeyjASjX_erTQpoVh83EvJxBts-BNYzupOkleZbffuyz3pTPjY63XEGWfSS220UHYDZSLFqhO6juiusfLNaszYHoOw&google_hm=NXGusf7zTVu4pxblvPM5IZU

Request Chain 128

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK85xXI0ukWTzciQxxBVP7s&google_cver=1&google_push=AXcoOmRCs8qimPw4VD0T5XPaKQCv7zCmzLTPqReBWO1Ruu28slEsrJIpnvgDVZeGTRt9s45cwAEfY50mSItamfCga3GKpq7sW9t_ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRCs8qimPw4VD0T5XPaKQCv7zCmzLTPqReBWO1Ruu28slEsrJIpnvgDVZeGTRt9s45cwAEfY50mSItamfCga3GKpq7sW9t_&google_hm=hmUArmKxMIoW-4qDHg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6500AE62B1308A16FB8A831EBLIS

Request Chain 129

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC8LPOnyD0_AxB1xIrsdMAM&google_cver=1&google_push=AXcoOmQ_7JvH3nC8jKkpHYhVvUlX3SN9MFbUZ32O9vYY13wbFylgi9Dc7jtQYLi81d-NOjSr35U8H7oJAIEN2ZclXBqsTVKypbHg9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_7JvH3nC8jKkpHYhVvUlX3SN9MFbUZ32O9vYY13wbFylgi9Dc7jtQYLi81d-NOjSr35U8H7oJAIEN2ZclXBqsTVKypbHg9w&google_hm=eS1ybkFKU2tKRTJwR09FTFFyQy5wd2hBRnFNczJFaWJTSH5B

Request Chain 130

https://d5p.de17a.com/cookies/google?google_gid=CAESEOOm3m0IYtAOdh6IgDavz8s&google_cver=1&google_push=AXcoOmR68AEJClOTv6vMpXIxybHYX1-y6mTiemNJkLQkS8kR-2dL3FzF3lomLM2nFKa4NqjcITtmhw4GfYSTSkEV5Eay7whaf48G HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOOm3m0IYtAOdh6IgDavz8s&google_cver=1&google_push=AXcoOmR68AEJClOTv6vMpXIxybHYX1-y6mTiemNJkLQkS8kR-2dL3FzF3lomLM2nFKa4NqjcITtmhw4GfYSTSkEV5Eay7whaf48G HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR68AEJClOTv6vMpXIxybHYX1-y6mTiemNJkLQkS8kR-2dL3FzF3lomLM2nFKa4NqjcITtmhw4GfYSTSkEV5Eay7whaf48G

Request Chain 134

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENEIei_V6iRFyLBswkL-_dk&google_cver=1&google_push=AXcoOmT2Fl3z7erpDKPuwmmhJDi-T7IixLGsfviKrYlKqHc3i2BJI_rR5HrvMPV9W9uYz42QbqAWCEg9BXeUBlv1DV_g18VM30Yh180 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk5NDE0ODQ4MTY2MTMxNjEyOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1

Request Chain 135

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH3A2VAYxlR-eMRh2YR5ZHA&google_cver=1&google_push=AXcoOmQVF-6Ni7sk-VU1Vl5Lxog-FqxfnVlUW9DrE3-T_aljnQWRkcTN4w9UgRnJ3yzBHjSRpsSTp3Iz7V-AVCnUI4BT5L0O3ZtGxQdO HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH3A2VAYxlR-eMRh2YR5ZHA&google_cver=1&google_push=AXcoOmQVF-6Ni7sk-VU1Vl5Lxog-FqxfnVlUW9DrE3-T_aljnQWRkcTN4w9UgRnJ3yzBHjSRpsSTp3Iz7V-AVCnUI4BT5L0O3ZtGxQdO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVB1bUJvWmkxUUc4YTc1&google_gid=CAESEH3A2VAYxlR-eMRh2YR5ZHA&google_cver=1&google_push=AXcoOmQVF-6Ni7sk-VU1Vl5Lxog-FqxfnVlUW9DrE3-T_aljnQWRkcTN4w9UgRnJ3yzBHjSRpsSTp3Iz7V-AVCnUI4BT5L0O3ZtGxQdO

Request Chain 137

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK85xXI0ukWTzciQxxBVP7s&google_cver=1&google_push=AXcoOmTA7QpHfKxCkZBu_HrtPrqPh_-qnX-BNqIu0EaIM5e_sJ-FQC5RxWWCQPsRey1ciWHLAomrlPrIQV_hejGaQakg8zwymQae1aBn HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTA7QpHfKxCkZBu_HrtPrqPh_-qnX-BNqIu0EaIM5e_sJ-FQC5RxWWCQPsRey1ciWHLAomrlPrIQV_hejGaQakg8zwymQae1aBn&google_hm=hmUArmKxMIoW-4qDHg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6500AE62B1308A16FB8A831EBLIS

Request Chain 138

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIcUHCoTYHitWw29yHH5Njw&google_cver=1&google_push=AXcoOmQRYLC20TQgt3Xi84NySXvxwbI7BseS-TXtQOh7s3FQmKC59njwfEahNWoA48ggtr8OxS2HStcwiqMPIEHS30uj4234Sy2-bu4Z HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1EZhKl1eSnCZ-8KrEqbT6Q&google_push=AXcoOmQRYLC20TQgt3Xi84NySXvxwbI7BseS-TXtQOh7s3FQmKC59njwfEahNWoA48ggtr8OxS2HStcwiqMPIEHS30uj4234Sy2-bu4Z

Request Chain 140

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAZbGN8M7BntPemLoC1i4ZQ&google_cver=1&google_push=AXcoOmQ9Pj7kGyiVIsmBoZtvMeNJyyEE5p-zCMv0-XRYc1b8QGtKX9K2iooluN9fkHpgy1s3SvZno27-DnH9CQ3hhyu99bpntprEv0Oi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ9Pj7kGyiVIsmBoZtvMeNJyyEE5p-zCMv0-XRYc1b8QGtKX9K2iooluN9fkHpgy1s3SvZno27-DnH9CQ3hhyu99bpntprEv0Oi

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 147

https://googleads.g.doubleclick.net/pagead/adview?ai=CAVzrYa4AZf-VIoXV6wTby56IC4q2ne9vy5eQ9bYNlL-1q64BEAEgz8OZc2CRhKCFjBigAdnj7sECyAEBqQKyk_JsigSyPqgDAcgDywSqBOMCT9AJH6JLqWYBkluZTpC1Nb-mRl9VhIwzW_7ELWMltttNvyY_z5CWNv5BUUiFRxKndSOfeB4pWBA5WtMu_rXr3gXuiXqfK156VA6KG2jub7Px5LDT-7DSkGAzm694PBlOyertv4D6pIn7hGf7cP2zUJlKvT9FDEEnH3xDIKHEoOcuy-DCw_nbGd7ZIjbBxV_JpbarKzNXEjptQPYqoI0dOEnBkeJQl2awJZJQDIUrfcTsig9HCVlAUIeV5hc-DnQkgtO0ENnMLqQ-m38w8_PJnD_PxpvLY-iYO9HleLulJoyTTtXUh8pJwV_N3RDom6yNK8oMJmv975CgKs5rFX2ERUZW0Hnq0gNdhSOuTdwawYrXbYzswTZuDd49-af5focOmqbThS2Vg-eGZRIpZ1mgiEyt0_erdm1_BWeE94ShiEvy-vK5cm_thG_wm5kHW4QvQha1QpyHPs7cpjk7rlw6ZWP_SMAE-6PLmLoDiAWs5YXNLpIFBAgEGAGSBQQIBRgEgAeM58G9AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL_GItIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCR9odHRwczovL2RvbWVrLm5sL2VzL2NhbGN1bGFkb3IvgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTYzNzM3MDU5MzY5MDcyNzQYAA&sigh=Zm5gZt_SMxc&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWCalzyPKTfzat6YlOgjsDFsDZsxOr3qRxZKCsI99OVXLE_8YuGAE&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221119040664988043286%22,%22debug_reporting%22:true,%22destination%22:%22https://domek.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22675000793%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217499751766713169713%22}&andc=true

Request Chain 148

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq8LWYa4AZYCWIoXV6wTby56IC7ayne9vk5mQ9bYN_viA2sMBEAEgz8OZc2CRhKCFjBigAdnj7sECyAEBqQKyk_JsigSyPqgDAcgDywSqBOYCT9CBR4pkIgMzLle9UxXlkQFtuyFsLVqUn9oLv3oqWLV_k0ROug8JUIoIeTJ-EM3gioWI-fhxfIh4aoXgJFoNUG-9sv10Dy4io0ynjzF3S-9bdv4ZYw4Jl3yxjrD6rQPSA3x-6Et5wk6VKezNVnRyC9GXcYgsz5kFIaV-UUE5j7PWI-aZlOcYLfsT7Bt05YX8lo6n8JsLGvB78fgkQmarxZA77PBh6RkIJ_ioiNCs96HJeLcNoG7JLC8_6FLwTPYL2_wsS_Ii1X2rApNJpt-17xzm9Zol7zuJntV614IJYYxuadhsZ50QUGFvUNqZa4kHXIfTQ29OHMkWVK5JwtiiEfsfn93QzluBuLn4eIH9Pjh5e9s0YwDxeMdxcQFV8RPbDV-I9PvI0WjcHfEAyqlx_0IuOm1xH7Mv8dH10qQOwPBEPLOAJLzBXEoNTAYIutgy88qXRNaZ8X-9Xq4QJMuRK1EXpMNVEMAEw6XLmLoDiAWv5YXNLpIFBAgEGAGSBQQIBRgEgAeM58G9AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOizGdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCR9odHRwczovL2RvbWVrLm5sL2VzL2NhbGN1bGFkb3IvgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTYzNzM3MDU5MzY5MDcyNzQYAA&sigh=fq_QxUCKpsg&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWCalzyPKTfzat6YlOgjsDFsDZsxOr3qRxZKCsI99OVXLE_8YuGAE&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228943580487965065200%22,%22debug_reporting%22:true,%22destination%22:%22https://domek.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22675000793%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213331568590710184897%22}&andc=true

160 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request offers Show response
andacredito.mx/landing/
Redirect Chain

http://clnk.si/UjTca
https://clnk.si/UjTca
https://sl.crezu.mx/crm?lead_id=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&landing=offers
https://track.crezu.net/click?offer_id=216&sub1=efb720285b2f4bf9b1c31668b81689ff&pid=2&sub2=mx-sms-welcome3&sub3=sl-crm&sub6=5&sub4=0
https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

2 KB
1 KB

615ms
166ms

Document
text/html

35.235.93.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.235.93.22 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.93.235.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a9d019de6cb27c35845f9e26aa99dd8e2f01f04368f237c65f631578cb0dc1c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 12 Sep 2023 18:30:56 GMT
ETag: W/"63c55c2b-8a7"
Last-Modified: Mon, 16 Jan 2023 14:16:11 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Tue, 12 Sep 2023 18:30:55 GMT
location: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 145 KB
56 KB 153ms
62ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-790050544

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98dbfa53fe85a70c1dd756cfbc10d74bf8540d82e1e0765894aebf5fe8f86e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56888
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Sep 2023 18:30:56 GMT

GET
H2 200 style.css
cdn.crezu.net/offers/dist/ 60 KB
11 KB 106ms
29ms Stylesheet
text/css 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/dist/style.css
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 63425a51bc14b66579166bac9b5902793d36bf0ba63a713e0517967c81d9a313

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:18 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 11 Sep 2023 15:37:30 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96458
etag: W/"64ff343a-f040"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11005
expires: Mon, 18 Sep 2023 15:43:18 GMT

GET
H/1.1 200
OK mx.js Show response
andacredito.mx/js/ 1006 B
899 B 167ms
166ms Script
application/javascript 35.235.93.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://andacredito.mx/js/mx.js
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.235.93.22 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.93.235.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8236d168322fe35d3a2e16f1786d9f37617b3a722aa109a94ca07f91cf171775

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 18:30:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Dec 2022 13:32:16 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"63a067e0-3ee"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 19 Sep 2023 18:30:56 GMT

GET
H2 200 common.js Show response
cdn.crezu.net/common/dist/ 188 KB
55 KB 109ms
33ms Script
application/javascript 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/common/dist/common.js
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 18a49454b27284f8a409abfe02ee82f6aca81c42481091e6710bc2d8aa2ade16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:41:24 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 11 Sep 2023 15:37:30 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96572
etag: W/"64ff343a-2f130"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56489
expires: Mon, 18 Sep 2023 15:41:24 GMT

GET
H2 200 offers.iife.js Show response
cdn.crezu.net/offers/dist/ 199 KB
60 KB 137ms
62ms Script
application/javascript 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ec68368115e7c1e9eeececfb003c990d971d917c84c94e9798fedbcf116decfc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:42:54 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 11 Sep 2023 15:37:30 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96482
etag: W/"64ff343a-31ac8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61442
expires: Mon, 18 Sep 2023 15:42:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 185 KB
66 KB 186ms
113ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M86R7TG

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

537de93db1bad17008808b88ead6c3ceed9e8c54c7ce20806123f6e51ed4b4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67608
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Sep 2023 18:30:56 GMT

GET
H/1.1 200
OK / Show response
workers.crezu.net/geoip/ 57 B
525 B 123ms
35ms Fetch
application/json 34.77.94.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://workers.crezu.net/geoip/
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.77.94.206 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.94.77.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fb5d224c0d6133efc6727f46d8b9120582df1b550370f4e6181e4d09334d0e57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 18:30:56 GMT
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
Content-Length: 57

GET
H/1.1 200
OK sl-feed Show response
sl.crezu.net/ 47 B
530 B 236ms
68ms XHR
application/json 35.241.222.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sl.crezu.net/sl-feed?lead_id=efb720285b2f4bf9b1c31668b81689ff&page=landing-offers&direction=swap
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.222.91 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.222.241.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8f9ab8b11d2f129ac5267cd2429b4e72710bf325dc719a67291128afc24c22a3

Request headers

Accept: application/json, text/plain, */*
Referer: https://andacredito.mx/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 18:30:56 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
Content-Length: 47

GET
H3 200 Montserrat-Bold.ttf
cdn.crezu.net/offers/src/assets/fonts/montserrat/ 313 KB
313 KB 90ms
34ms Font
application/octet-stream 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/src/assets/fonts/montserrat/Montserrat-Bold.ttf
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3353dbadebb12047d42fe8bf09b3f2650eb1c7e8f8aa42befcff6c78ef1974dc

Request headers

Referer: https://cdn.crezu.net/offers/dist/style.css
Origin: https://andacredito.mx
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:56 GMT
via: 1.1 google
last-modified: Thu, 24 Mar 2022 10:14:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "623c4497-4e248"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320072

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/790050544/ 3 KB
2 KB 154ms
77ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/790050544/?random=1694543456723&cv=11&fst=1694543456723&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&hn=www.googleadservices.com&frm=0&tiba=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&auid=309555220.1694543457&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-790050544

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

053ad4c814aa7586e81a34f6d08db3cc95682a6445f05f5c4a177b0dddf87543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1434
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 push-v3.css
cdn.morecashpls.com/landings/css/ 5 KB
1 KB 91ms
27ms Stylesheet
text/css 34.107.249.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.morecashpls.com/landings/css/push-v3.css
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/common/dist/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.249.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.249.107.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e99a79b67018d4f28948226a27d0aa7d3e7a2e71eefaa13993e323fe71ca0cd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 06:31:06 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 19 Jul 2022 08:15:29 GMT
server: nginx/1.14.0 (Ubuntu)
age: 561590
etag: W/"62d66821-14e0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1254
expires: Wed, 13 Sep 2023 06:31:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 305ms
168ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M86R7TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80bd05600bda8e5e27d97dd0c120a6a3c5e33a28797e7aef84c6b4000b1edfff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50492
x-xss-protection: 0
server: cafe
etag: 1147849102570915484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:30:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 69ms
66ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EM2MYKZJLX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M86R7TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

520d30c512c9204e2e3ebd00881bd49d4b03126b288b8cc56c69a9b6618c5347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Sep 2023 18:30:56 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 86ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EM2MYKZJLX&gtm=45je3960&_p=1817543865&_gaz=1&cid=1289939299.1694543457&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694543456&sct=1&seg=0&dl=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&dt=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EM2MYKZJLX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://andacredito.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 106ms
33ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EM2MYKZJLX&cid=1289939299.1694543457&gtm=45je3960&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EM2MYKZJLX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://andacredito.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 166ms
71ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EM2MYKZJLX&cid=1289939299.1694543457&gtm=45je3960&aip=1&z=980044597

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/790050544/ 42 B
455 B 125ms
45ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/790050544/?random=1694543456723&cv=11&fst=1694541600000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&frm=0&tiba=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3625315708&rmt_tld=0&ipr=y

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/790050544/ 42 B
455 B 129ms
49ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/790050544/?random=1694543456723&cv=11&fst=1694541600000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&frm=0&tiba=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3625315708&rmt_tld=1&ipr=y

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mx_feed.json Show response
cdn.crezu.net/offers_data/configs/ 78 KB
9 KB 35ms
35ms XHR
application/json 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers_data/configs/mx_feed.json
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fa503dfdadb36bfe3b366aaef36c3d4ed5ce5249923fdb979e6c530d6adcfcd3

Request headers

Accept: application/json, text/plain, */*
Referer: https://andacredito.mx/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:56 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 11 Sep 2023 23:42:31 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64ffa5e7-13734"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H/1.1 204
No Content event
events.crezu.net/api/ Frame 0
0 201ms
32ms Preflight
text/plain 35.240.92.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://events.crezu.net/api/event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.240.92.105 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.92.240.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://andacredito.mx
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,X-API-KEY,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 12 Sep 2023 18:30:57 GMT
Server: nginx/1.18.0 (Ubuntu)

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EM2MYKZJLX&gtm=45je3960&_p=1817543865&cid=1289939299.1694543457&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1694543456&sct=1&seg=0&dl=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&dt=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EM2MYKZJLX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://andacredito.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 30ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EM2MYKZJLX&gtm=45je3960&_p=1817543865&cid=1289939299.1694543457&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1694543456&sct=1&seg=0&dl=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&dt=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&en=feedSubmitted&_c=1&_et=66
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EM2MYKZJLX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://andacredito.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 201
Created event Show response
events.crezu.net/api/ 0
402 B 36ms
36ms Fetch 35.240.92.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://events.crezu.net/api/event
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.240.92.105 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.92.240.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://andacredito.mx/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 12 Sep 2023 18:30:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-API-KEY,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H2 200 dineria.svg
cdn.crezu.net/offers_data/images/ 9 KB
9 KB 31ms
26ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/dineria.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3a1901faf207ae43fd6e00a47ad92fb729ef33e588191775577c8fc2f37cc1b0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:57 GMT
via: 1.1 google
last-modified: Wed, 02 Feb 2022 09:18:55 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96420
etag: "61fa4c7f-2528"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9512
expires: Mon, 18 Sep 2023 15:43:57 GMT

GET
H2 200 hsbc_card.svg
cdn.crezu.net/offers_data/images/ 184 KB
185 KB 53ms
47ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/hsbc_card.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 211e094c1dd908e57c089091b6009b69ab57c591aa1cac3aa6ff80339441c70d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:44:32 GMT
via: 1.1 google
last-modified: Fri, 22 Jul 2022 14:42:46 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96385
etag: "62dab766-2e190"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188816
expires: Mon, 18 Sep 2023 15:44:32 GMT

GET
H2 200 Tarjeta_Coppel.svg
cdn.crezu.net/offers_data/images/ 51 KB
52 KB 39ms
33ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/Tarjeta_Coppel.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 97d067ec411fe2fca3baca0556a1cfe331433d7a2e92a17edca9d2846d951883

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:32 GMT
via: 1.1 google
last-modified: Fri, 27 May 2022 10:18:03 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96445
etag: "6290a55b-cddd"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52701
expires: Mon, 18 Sep 2023 15:43:32 GMT

GET
H2 200 kueski.svg
cdn.crezu.net/offers_data/images/ 12 KB
12 KB 60ms
54ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/kueski.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0210f43e51bea294e09675180d227d940563f7b29c0ca84a5a9a5337c802fbda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:39:21 GMT
via: 1.1 google
last-modified: Wed, 02 Feb 2022 09:17:30 GMT
server: nginx/1.14.0 (Ubuntu)
age: 93096
etag: "61fa4c2a-306c"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12396
expires: Mon, 18 Sep 2023 16:39:21 GMT

GET
H2 200 vivus.svg
cdn.crezu.net/offers_data/images/ 3 KB
3 KB 38ms
33ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/vivus.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5e37eed5fe086f3d4b30f5918ce80d5dcd5c38473c6497c26160710addeea013

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:58 GMT
via: 1.1 google
last-modified: Mon, 31 Oct 2022 07:35:30 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96419
etag: "635f7ac2-cff"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3327
expires: Mon, 18 Sep 2023 15:43:58 GMT

GET
H2 200 cards.png
cdn.crezu.net/offers/src/assets/img/ 23 KB
23 KB 35ms
29ms Image
image/png 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers/src/assets/img/cards.png
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 726308d60991c0af0e4e25515249c1a2adc3976fad41b2ca22bb8f1380ace4cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 05:58:30 GMT
via: 1.1 google
last-modified: Tue, 22 Feb 2022 09:44:23 GMT
server: nginx/1.14.0 (Ubuntu)
age: 45147
etag: "6214b077-5a97"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23191
expires: Tue, 19 Sep 2023 05:58:30 GMT

GET
H2 200 lendon_Natural.svg
cdn.crezu.net/offers_data/images/ 7 KB
8 KB 37ms
32ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/lendon_Natural.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 59007db18fb460f46e101a5d9a656580322234f0c41e22cffff4b375022597ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:47:36 GMT
via: 1.1 google
last-modified: Mon, 12 Dec 2022 11:43:18 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96201
etag: "639713d6-1d8b"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7563
expires: Mon, 18 Sep 2023 15:47:36 GMT

GET
H2 200 tarjetas_online_1.png
cdn.crezu.net/offers_data/images/ 43 KB
43 KB 44ms
39ms Image
image/png 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/tarjetas_online_1.png
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 56814b7d406e980f2304225a2a68993319fec77317a2fefc1b3223bf6237d855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:32 GMT
via: 1.1 google
last-modified: Wed, 03 Aug 2022 12:56:28 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96445
etag: "62ea707c-aa2f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43567
expires: Mon, 18 Sep 2023 15:43:32 GMT

GET
H2 200 credilikeme.svg
cdn.crezu.net/offers_data/images/ 11 KB
11 KB 42ms
37ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/credilikeme.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e6c5c461893723c63bc895efa9b77800585897c98156560e66e6db75a10f6b0d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:45:20 GMT
via: 1.1 google
last-modified: Wed, 02 Feb 2022 09:23:50 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96337
etag: "61fa4da6-2bfa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11258
expires: Mon, 18 Sep 2023 15:45:20 GMT

GET
H2 200 i-coin.svg
cdn.crezu.net/offers/src/assets/img/ 451 B
574 B 33ms
29ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers/src/assets/img/i-coin.svg
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c50c9d76ad4e28c150f09dfa4f6d2fc6e1adb5eadf841b9b6a28ea55c3b45021

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.crezu.net/offers/dist/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:04 GMT
via: 1.1 google
last-modified: Tue, 22 Feb 2022 09:44:23 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96473
etag: "6214b077-1c3"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 451
expires: Mon, 18 Sep 2023 15:43:04 GMT

GET
H2 200 chip.png
cdn.crezu.net/offers/src/assets/img/ 298 B
398 B 80ms
76ms Image
image/png 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers/src/assets/img/chip.png
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6c119d365fbfa2a92664014792d670928a767572e90434a25aa95b6af6f29671

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.crezu.net/offers/dist/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:32 GMT
via: 1.1 google
last-modified: Mon, 21 Mar 2022 13:49:59 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96445
etag: "62388287-12a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
expires: Mon, 18 Sep 2023 15:43:32 GMT

GET
H2 200 i-bank.svg
cdn.crezu.net/offers/src/assets/img/ 407 B
534 B 80ms
76ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers/src/assets/img/i-bank.svg
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 497cb0686a5f7b490fd58b319740c7b50a68918644b66f6c289d266b768be6e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.crezu.net/offers/dist/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:24:03 GMT
via: 1.1 google
last-modified: Tue, 15 Mar 2022 13:43:22 GMT
server: nginx/1.14.0 (Ubuntu)
age: 4014
etag: "623097fa-197"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 407
expires: Tue, 19 Sep 2023 17:24:03 GMT

GET
H2 200 i-card.svg
cdn.crezu.net/offers/src/assets/img/ 1 KB
1 KB 79ms
75ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers/src/assets/img/i-card.svg
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3524705a4e41f826d205a6a2da1cde39f5f27725fc91971e87a7a68cdeeb2821

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.crezu.net/offers/dist/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:14 GMT
via: 1.1 google
last-modified: Tue, 22 Aug 2023 11:12:40 GMT
server: nginx/1.14.0 (Ubuntu)
age: 96463
etag: "64e49828-437"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1079
expires: Mon, 18 Sep 2023 15:43:14 GMT

GET
H3 200 Montserrat-Regular.ttf
cdn.crezu.net/offers/src/assets/fonts/montserrat/ 314 KB
314 KB 40ms
38ms Font
application/octet-stream 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/src/assets/fonts/montserrat/Montserrat-Regular.ttf
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e422c9e7b193c43036b49343e86201a4adf09795984214ead171606cb4df86d5

Request headers

Referer: https://cdn.crezu.net/offers/dist/style.css
Origin: https://andacredito.mx
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:57 GMT
via: 1.1 google
last-modified: Thu, 24 Mar 2022 10:14:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "623c4497-4e8a0"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 321696

GET
H3 200 Montserrat-SemiBold.ttf
cdn.crezu.net/offers/src/assets/fonts/montserrat/ 312 KB
312 KB 40ms
38ms Font
application/octet-stream 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/src/assets/fonts/montserrat/Montserrat-SemiBold.ttf
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a2bfd4107782129b2db1fbeca09be2eb6e311180f7349cd53ad32b2b6be82934

Request headers

Referer: https://cdn.crezu.net/offers/dist/style.css
Origin: https://andacredito.mx
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:57 GMT
via: 1.1 google
last-modified: Thu, 24 Mar 2022 10:14:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "623c4497-4e038"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 319544

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 379 KB
129 KB 149ms
148ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6373705936907274&plah=andacredito.mx

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d225ce3bf8b0b2c3cc1a8028659586ca30d3553ad3be2408e0a4ee3b0463eb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131798
x-xss-protection: 0
server: cafe
etag: 11551807980415106355
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:30:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/ Frame 3C9A 10 KB
4 KB 34ms
33ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 37334
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 08:08:43 GMT
etag: 8554266389219770021
expires: Tue, 26 Sep 2023 08:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
608 B 118ms
43ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=andacredito.mx&callback=_gfp_s_&client=ca-pub-6373705936907274

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6373705936907274&plah=andacredito.mx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eac3f07815825f314cbd599406db39830c4c2a190e12b6f5a0224c1d49da9d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8551 114 KB
39 KB 902ms
901ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=7429060818&adk=1462056812&adf=3069310087&pi=t.ma~as.7429060818&w=910&fwrn=4&fwrnh=100&lmt=1673874971&rafmt=1&format=910x280&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694543457162&bpp=3&bdt=670&idt=307&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&correlator=5146804810180&frm=20&pv=2&ga_vid=1289939299.1694543457&ga_sid=1694543457&ga_hid=1817543865&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C44797664&oid=2&pvsid=911798413310443&tmod=900902517&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Kg3WjrRBRQ&p=https%3A//andacredito.mx&dtd=319

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f59a9a1cc3478d4ed24a777a014bf55c53f7abd360f1c41ddd4160fb9c1b4759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40345
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:30:58 GMT
expires: Tue, 12 Sep 2023 18:30:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8844 468 KB
79 KB 2160ms
2159ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&adk=1812271804&adf=3025194257&lmt=1673874971&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694543457174&bpp=1&bdt=682&idt=313&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=910x280&nras=1&correlator=5146804810180&frm=20&pv=1&ga_vid=1289939299.1694543457&ga_sid=1694543457&ga_hid=1817543865&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C44797664&oid=2&pvsid=911798413310443&tmod=900902517&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=321

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c801eaeb528d9ddb6fb95e2c2e61f7acb8ca89e494f35d4b60468ef8ecda3495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 80481
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:30:59 GMT
expires: Tue, 12 Sep 2023 18:30:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 53C2 457 KB
76 KB 722ms
721ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&adk=1812271804&adf=1573534164&lmt=1673874971&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694543457175&bpp=1&bdt=683&idt=322&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=910x280%2C0x0&nras=2&correlator=5146804810180&frm=20&pv=1&ga_vid=1289939299.1694543457&ga_sid=1694543457&ga_hid=1817543865&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C44797664&oid=2&pvsid=911798413310443&tmod=900902517&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=325

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dbf907d6c66bcd540901a6b2b26b9dbe8a353163dc1fd31febdc090e92d2bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 78112
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:30:58 GMT
expires: Tue, 12 Sep 2023 18:30:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 i-push-close.svg
cdn.morecashpls.com/landings/img/ 639 B
781 B 30ms
29ms Image
image/svg+xml 34.107.249.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.morecashpls.com/landings/img/i-push-close.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.249.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.249.107.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5e0440d1f014655b2a7c9a0ce23aa09e79d49d7afce588d3f7d54a89e92ceb6f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 10:05:01 GMT
via: 1.1 google
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
server: nginx/1.14.0 (Ubuntu)
age: 116756
etag: "5e4d5e4b-27f"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 639
expires: Mon, 18 Sep 2023 10:05:01 GMT

GET
H2 200 i-push-01.svg
cdn.morecashpls.com/landings/img/ 1 KB
1 KB 30ms
30ms Image
image/svg+xml 34.107.249.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.morecashpls.com/landings/img/i-push-01.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.249.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.249.107.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5bacac65cd03f5724f8e242261b6cd170831f4783c2f46c5885a9c32fdf84850

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:33:00 GMT
via: 1.1 google
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
server: nginx/1.14.0 (Ubuntu)
age: 17877
etag: "5e4d5e4b-56f"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1391
expires: Tue, 19 Sep 2023 13:33:00 GMT

GET
H2 200 img-push-arrow.png
cdn.morecashpls.com/landings/img/ 20 KB
20 KB 31ms
30ms Image
image/png 34.107.249.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.morecashpls.com/landings/img/img-push-arrow.png
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.249.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.249.107.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 194d53b4483d0fc25f7ccf7f5431893376d633324170f6366d4de0eb102fe25e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 10:26:57 GMT
via: 1.1 google
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
server: nginx/1.14.0 (Ubuntu)
age: 115440
etag: "5e4d5e4b-5088"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20616
expires: Mon, 18 Sep 2023 10:26:57 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 154 KB
52 KB 137ms
137ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d11cd23dbdf741a4cf3e7765c1e8fb43dacaa9d149fcb26b162e0aa9c87a796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53664
x-xss-protection: 0
server: cafe
etag: 8676282777168151042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:30:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8551 4 KB
1 KB 199ms
71ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=7429060818&adk=1462056812&adf=3069310087&pi=t.ma~as.7429060818&w=910&fwrn=4&fwrnh=100&lmt=1673874971&rafmt=1&format=910x280&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694543457162&bpp=3&bdt=670&idt=307&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&correlator=5146804810180&frm=20&pv=2&ga_vid=1289939299.1694543457&ga_sid=1694543457&ga_hid=1817543865&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C44797664&oid=2&pvsid=911798413310443&tmod=900902517&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Kg3WjrRBRQ&p=https%3A//andacredito.mx&dtd=319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 18:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:42:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 18:30:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 8551 2 KB
973 B 112ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 09:36:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame 8551 23 KB
9 KB 113ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 09:36:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 8551 3 KB
1 KB 111ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 16:32:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 689E 1 KB
643 B 61ms
59ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 9221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 15:57:17 GMT
etag: 48472445140208031
expires: Wed, 13 Sep 2023 15:57:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 8551 20 KB
8 KB 105ms
34ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 08:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 08:08:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8551 181 KB
57 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:30:58 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame 8551 36 KB
15 KB 110ms
33ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 09:36:10 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/41631725641885733/ Frame 8551 28 KB
28 KB 133ms
63ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/41631725641885733/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ea6ebe08f85bbfee5d196369ede9a3e5ee047c38034246ec4552a9168ff2a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:53:13 GMT
x-content-type-options: nosniff
age: 27465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28380
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 01:28:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 10:53:13 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1318648999399748566/ Frame 8551 1 KB
1 KB 116ms
46ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1318648999399748566/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2947cfa33e2bcd40666fb9ecd853d7055ee7c6d116303c27ea97416a5133e1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:48:10 GMT
x-content-type-options: nosniff
age: 124968
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1182
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 11:56:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 07:48:10 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 202ms
137ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6373705936907274&plah=andacredito.mx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://andacredito.mx/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 689E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1&google_push=AXcoOmRObebBCb9Wkx87TB5nJXYcAZkfRZH8L_BZjoL8y4HtBVPj4mQXRnBtrRJO83gDPBgo6HT6OOoMG3kNJrOtlL2s3d0KTOZh8wmQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk5NDE0ODQ4MTY2MTMxNjEyOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1

43 B
398 B

29ms
26ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 689E 35 B
463 B 121ms
34ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENwFA3_HkAs3uTQEn71_-aU&google_cver=1&google_push=AXcoOmQZ7svpyZc6w-XFiccojxZzn24iPgwZjC2Q21R_X484jqY8zn23hayi5WqL-1edVtY4aebSNKIgKz-UA4BQkP3gU1mY8umBGcO4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 689E 0
104 B 263ms
49ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDds7-5Cca97pPIubEpFkEE&google_cver=1&google_push=AXcoOmQs8fEqSybcvf5h5vty11_Ygy8_PJbFCwCc9n4UnlHZu4EWbyWv4960CNBPoNLvH2c658kZCa_FJSfqIxlWTEcHcvr62QXfnML1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=7429060818&adk=1462056812&adf=3069310087&pi=t.ma~as.7429060818&w=910&fwrn=4&fwrnh=100&lmt=1673874971&rafmt=1&format=910x280&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694543457162&bpp=3&bdt=670&idt=307&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&correlator=5146804810180&frm=20&pv=2&ga_vid=1289939299.1694543457&ga_sid=1694543457&ga_hid=1817543865&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C44797664&oid=2&pvsid=911798413310443&tmod=900902517&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Kg3WjrRBRQ&p=https%3A//andacredito.mx&dtd=319
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 689E 0
173 B 98ms
32ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEN0wkHCO2YLvM5fNdKbVtxM&google_cver=1&google_push=AXcoOmTH0SdGAaPpe5geDO4WYthEh2ZhdAd7yVyau8MyyjsuFsfk6xv4SkXxE43w6K8qHu-DgusKjlbMI7jdEj6Wu7Y0l_i7_FVvFT0M
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=7429060818&adk=1462056812&adf=3069310087&pi=t.ma~as.7429060818&w=910&fwrn=4&fwrnh=100&lmt=1673874971&rafmt=1&format=910x280&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694543457162&bpp=3&bdt=670&idt=307&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&correlator=5146804810180&frm=20&pv=2&ga_vid=1289939299.1694543457&ga_sid=1694543457&ga_hid=1817543865&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C44797664&oid=2&pvsid=911798413310443&tmod=900902517&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Kg3WjrRBRQ&p=https%3A//andacredito.mx&dtd=319
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 689E
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQnA7PJglkPcotAPjCh8x1af_3k6ernpW2XJ-w3PkbThRjFYtN0G7WBG64qWygC708GuG5GB4qT2vCXHuStiGELp2mFBZmZFaIn&google_gid=CAESEGG48gyYeFjlVRo-Pk8FJmo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOLcgqgGEgUI6AcQAEIASnRnb29nbGVfcHVzaD1BWGNvT21RbkE3UEpnbGtQY290QVBqQ2g4eDFhZl8zazZlcm5wVzJYSi13M1BrYlRoUmpGWXROMEc3V0JHNjRxV3lnQzcwOEd1RzVHQjRxVDJ2Q1hIdV...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWDRKek1WQmhHSFlFOGp5ZkNOU01aOTE5aFBfZnFrWHhXQzRBRWpEemtRdw==&google_push

170 B
243 B

46ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWDRKek1WQmhHSFlFOGp5ZkNOU01aOTE5aFBfZnFrWHhXQzRBRWpEemtRdw==&google_push

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 18:30:58 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWDRKek1WQmhHSFlFOGp5ZkNOU01aOTE5aFBfZnFrWHhXQzRBRWpEemtRdw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 689E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED_e_Qp7duUKi0ZtSolIQI0&google_cver=1&google_push=AXcoOmTEciRNhK4poccbgLPdMkZx8woZJPP6k8ng7DQyzQBseAfY_AsyeTEshu0ijo8UnVNpQ_GER5-3kyeuPzgIgP7S61A...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTEciRNhK4poccbgLPdMkZx8woZJPP6k8ng7DQyzQBseAfY_AsyeTEshu0ijo8UnVNpQ_GER5-3kyeuPzgIgP7S61ASfAtd3O7v&google_hm=eS1ybkFKU2tKRTJwR0...

170 B
232 B

46ms
42ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTEciRNhK4poccbgLPdMkZx8woZJPP6k8ng7DQyzQBseAfY_AsyeTEshu0ijo8UnVNpQ_GER5-3kyeuPzgIgP7S61ASfAtd3O7v&google_hm=eS1ybkFKU2tKRTJwR09FTFFyQy5wd2hBRnFNczJFaWJTSH5B

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 18:30:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTEciRNhK4poccbgLPdMkZx8woZJPP6k8ng7DQyzQBseAfY_AsyeTEshu0ijo8UnVNpQ_GER5-3kyeuPzgIgP7S61ASfAtd3O7v&google_hm=eS1ybkFKU2tKRTJwR09FTFFyQy5wd2hBRnFNczJFaWJTSH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 689E 43 B
363 B 86ms
26ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTz7v3wQihuLe_yt2JoER9TgSBJGsDJbf_nLtvEuKHlo-bPB1DL504qb-E1-vehoi8FyLvc3buIoacktTJQFBzKIHpej4ZoQsWi&google_gid=CAESEAJ-DwF6v6Ke29CKWd9YY-Q&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:57 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 217849
expires: Tue, 12 Sep 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 689E 0
130 B 125ms
42ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAAnrtOlTaT58Yo1POsvuLD84i4BAnzgvLJ3S9vwDs4gsqgE2MehgdieuJ_YvIMwlgavmm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 8551 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 937a4c01769bb19e6e7c195860b3a0d3d8a6d729be9608b39923b8013b3e6254

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame DC7F 10 KB
4 KB 35ms
34ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 37333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 08:08:45 GMT
etag: 8554266389219770021
expires: Tue, 26 Sep 2023 08:08:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame 8CF2 10 KB
4 KB 34ms
33ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 37333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 08:08:45 GMT
etag: 8554266389219770021
expires: Tue, 26 Sep 2023 08:08:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame B93B 10 KB
4 KB 34ms
33ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 37333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 08:08:45 GMT
etag: 8554266389219770021
expires: Tue, 26 Sep 2023 08:08:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8551 16 KB
16 KB 115ms
32ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 3884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8551 15 KB
15 KB 123ms
41ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 505362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 22:08:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8551
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CyA7XYa4AZYLiIIe86wTJqJG4As7y4vdytLqt1YgSp-mrioEwEAEgz8OZc2CRhKCFjBigAYSMmbwCyAEJqAMByAPLBKoE3gJP0GnL5q0pAFSp6Yshl1hGPGK0Fsywbx1JpS_HR0N5WJvzpZg...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221747745891332855143%22,%22debug_reporting%22:true,%22destination%22:%22https://tiktok.com%22,%22event_report_window%22:%22...

0
0

218ms
93ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221747745891332855143%22,%22debug_reporting%22:true,%22destination%22:%22https://tiktok.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22663111172%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213540991827155480849%22}&andc=true

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:59 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1747745891332855143","debug_reporting":true,"destination":"https://tiktok.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["663111172"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"13540991827155480849"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Sep 2023 18:30:59 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 18:30:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1747745891332855143","debug_reporting":true,"destination":"https://tiktok.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["663111172"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"13540991827155480849"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AE5 37 KB
14 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:08:33 GMT

GET
H2 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame DC7F 9 KB
4 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 09:10:18 GMT

GET
H2 200 d25b659b0dd7add20d23ec95887fd393.js Show response
www.gstatic.com/mysidia/ Frame DC7F 11 KB
5 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d25b659b0dd7add20d23ec95887fd393.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bd90a11f15a6e28af278037393b9041e3d8489a317f18baf60ac3c9b21c5fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4877
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 10:36:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DC7F 14 KB
1 KB 89ms
87ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 18:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:39:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 18:30:58 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9299065756534308918/ Frame DC7F 2 KB
2 KB 42ms
40ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9299065756534308918/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceed65dceb1a6be9cf95f06f2070a0573aa605be00c24340fe07f4f9a8de30b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:47:37 GMT
x-content-type-options: nosniff
age: 117801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1883
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 06:00:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 09:47:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame DC7F 2 KB
926 B 37ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 09:36:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame DC7F 23 KB
9 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 09:36:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame DC7F 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 16:32:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame DC7F 20 KB
8 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 08:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 08:08:46 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DC7F 0
0 43ms
41ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOv7F6u782fO6zm-sLlvB4guaVNqIQ4EGApJFdM5b0WQSMpeh1q6JRxH0v3hodsUWhcXRBRgCi4ZxmQUWTFne-cbPzsw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC7F 181 KB
57 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:30:58 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame DC7F 36 KB
15 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 09:36:10 GMT

GET
H2 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame 8CF2 9 KB
4 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 09:10:18 GMT

GET
H2 200 d25b659b0dd7add20d23ec95887fd393.js Show response
www.gstatic.com/mysidia/ Frame 8CF2 11 KB
5 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d25b659b0dd7add20d23ec95887fd393.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bd90a11f15a6e28af278037393b9041e3d8489a317f18baf60ac3c9b21c5fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4877
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 10:36:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8CF2 14 KB
1 KB 71ms
68ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 18:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/ro
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:36:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 18:30:58 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9299065756534308918/ Frame 8CF2 4 KB
5 KB 47ms
43ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9299065756534308918/14763004658117789537?w=200&h=200

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f835e634193bba0f34a07e694532e8bdbe427e99e7130984c5765e53949be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 06:23:20 GMT
x-content-type-options: nosniff
age: 130058
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4569
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 06:00:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 06:23:20 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 8CF2 2 KB
926 B 42ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 09:36:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame 8CF2 23 KB
9 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 09:36:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 8CF2 3 KB
1 KB 46ms
41ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 16:32:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 8CF2 20 KB
8 KB 39ms
34ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 08:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 08:08:46 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8CF2 0
0 45ms
41ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSD12020GDzN42Ab2ovnlz6dOC-lwd577VlTtP_apNO52ecsanRi-qSSoxi5EUNFVtklnmzPxM-w2D3uitTInum-Fg3cw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CF2 181 KB
57 KB 90ms
88ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:30:58 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame 8CF2 36 KB
15 KB 61ms
58ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 09:36:10 GMT

GET
H2 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame B93B 9 KB
4 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 09:10:18 GMT

GET
H2 200 d25b659b0dd7add20d23ec95887fd393.js Show response
www.gstatic.com/mysidia/ Frame B93B 11 KB
5 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d25b659b0dd7add20d23ec95887fd393.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bd90a11f15a6e28af278037393b9041e3d8489a317f18baf60ac3c9b21c5fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4877
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 10:36:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B93B 14 KB
1 KB 70ms
69ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 18:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:37:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 18:30:58 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9299065756534308918/ Frame B93B 4 KB
5 KB 60ms
59ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9299065756534308918/14763004658117789537?w=200&h=200

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f835e634193bba0f34a07e694532e8bdbe427e99e7130984c5765e53949be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 06:23:20 GMT
x-content-type-options: nosniff
age: 130058
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4569
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 06:00:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 06:23:20 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame B93B 2 KB
926 B 62ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 09:36:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame B93B 23 KB
9 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 09:36:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame B93B 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 16:32:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame B93B 20 KB
8 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 08:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 08:08:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B93B 181 KB
57 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:30:58 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame B93B 36 KB
15 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 09:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 09:36:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 11C1 143 B
166 B 36ms
34ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 065E 1 KB
643 B 61ms
59ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 9221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 15:57:17 GMT
etag: 48472445140208031
expires: Wed, 13 Sep 2023 15:57:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 241ms
96ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 18:30:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A0E8 143 B
166 B 34ms
33ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D05F 1 KB
643 B 59ms
59ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 9221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 15:57:17 GMT
etag: 48472445140208031
expires: Wed, 13 Sep 2023 15:57:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EACA 143 B
166 B 34ms
33ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 62F3 1 KB
643 B 60ms
59ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 9221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 15:57:17 GMT
etag: 48472445140208031
expires: Wed, 13 Sep 2023 15:57:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 065E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENEIei_V6iRFyLBswkL-_dk&google_cver=1&google_push=AXcoOmToQ-f3cGY3I1lgxWCOtoa47ApqJaD3HOb54UZ0o3OLp-JIutaWc9AxTfJ4kaQzgrIGfBaOuxPnNvg_YH3cKgnF2wQVCwrg7f4
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk5NDE0ODQ4MTY2MTMxNjEyOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1

43 B
398 B

149ms
148ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 065E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKmCpifcpaDIlb8WZIiYD-Y&google_cver=1&google_push=AXcoOmQwUix8yOqXdRmirFFx-BmLcsqGoRmXsDvoJAhi5TxwjdGrmYUUON...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQwUix8yOqXdRmirFFx-BmLcsqGoRmXsDvoJAhi5TxwjdGrmYUUON3cNfUfvqhXThxfyalVdRcpJtN4_tyGNwTFC_juJJr9ttw&google_hm=tBBPRNq4W...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQwUix8yOqXdRmirFFx-BmLcsqGoRmXsDvoJAhi5TxwjdGrmYUUON3cNfUfvqhXThxfyalVdRcpJtN4_tyGNwTFC_juJJr9ttw&google_hm=tBBPRNq4WMso9jZxfV2KMw

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQwUix8yOqXdRmirFFx-BmLcsqGoRmXsDvoJAhi5TxwjdGrmYUUON3cNfUfvqhXThxfyalVdRcpJtN4_tyGNwTFC_juJJr9ttw&google_hm=tBBPRNq4WMso9jZxfV2KMw
pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 065E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMBHssNtg0pUJKwnmKY1LRs&google_cver=1&google_push=AXcoOmSH6wXLpfBCopjjhreb3MOH11eTSBdFU7yEFPN6T5HaXI90IXO2q0QYCn4M1gxmyym-VOxFPr6OWRhREGj39TTkO_bIzxk6z...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMBHssNtg0pUJKwnmKY1LRs&google_cver=1&google_push=AXcoOmSH6wXLpfBCopjjhreb3MOH11eTSBdFU7yEFPN6T5HaXI90IXO2q0QYCn4M1gxmyym-VOxFPr6OWRhREGj39TTkO_bIzxk...

43 B
426 B

195ms
194ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMBHssNtg0pUJKwnmKY1LRs&google_cver=1&google_push=AXcoOmSH6wXLpfBCopjjhreb3MOH11eTSBdFU7yEFPN6T5HaXI90IXO2q0QYCn4M1gxmyym-VOxFPr6OWRhREGj39TTkO_bIzxk6zA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSH6wXLpfBCopjjhreb3MOH11eTSBdFU7yEFPN6T5HaXI90IXO2q0QYCn4M1gxmyym-VOxFPr6OWRhREGj39TTkO_bIzxk6zA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:59 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 805a398bae930bce-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:59 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 238
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMBHssNtg0pUJKwnmKY1LRs&google_cver=1&google_push=AXcoOmSH6wXLpfBCopjjhreb3MOH11eTSBdFU7yEFPN6T5HaXI90IXO2q0QYCn4M1gxmyym-VOxFPr6OWRhREGj39TTkO_bIzxk6zA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSH6wXLpfBCopjjhreb3MOH11eTSBdFU7yEFPN6T5HaXI90IXO2q0QYCn4M1gxmyym-VOxFPr6OWRhREGj39TTkO_bIzxk6zA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 805a398a5c5b0bce-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 065E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIFa_QTJIEdMkRbFOjgcvvM&google_cver=1&google_push=AXcoOmROmpro5_7PDallcph-GXjyLlqddS5s1ZwFw4457IGaTmh58DIg3zRCL-KpMxX8MMkcTYdRHTWSpupGNF...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3ODAwODczMzc5MDYzMjA4Mg%3D%3D&google_push=AXcoOmROmpro5_7PDallcph-GXjyLlqddS5s1ZwFw4457IGaTmh58DIg3zRCL-KpMxX8MMkcTYdRHTWSpupGNFZVxC...

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3ODAwODczMzc5MDYzMjA4Mg%3D%3D&google_push=AXcoOmROmpro5_7PDallcph-GXjyLlqddS5s1ZwFw4457IGaTmh58DIg3zRCL-KpMxX8MMkcTYdRHTWSpupGNFZVxC5LiecUGk5kCcE

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3ODAwODczMzc5MDYzMjA4Mg%3D%3D&google_push=AXcoOmROmpro5_7PDallcph-GXjyLlqddS5s1ZwFw4457IGaTmh58DIg3zRCL-KpMxX8MMkcTYdRHTWSpupGNFZVxC5LiecUGk5kCcE
Date: Tue, 12 Sep 2023 18:30:58 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 065E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIcUHCoTYHitWw29yHH5Njw&google_cver=1&google_push=AXcoOmQ0nCchCVFG_Vuut1uW5HCgpIPAGl-ImSXvKj8UQ80GZieJRdKOEsJMC0-nLQ4YyDRL5WbbmJH8RjgL4Xep...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=w60dX_1HTyO1kYa0UYjPOg&google_push=AXcoOmQ0nCchCVFG_Vuut1uW5HCgpIPAGl-ImSXvKj8UQ80GZieJRdKOEsJMC0-nLQ4YyDRL5WbbmJH8RjgL4XepWVSZyxKyt3UEyOc

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=w60dX_1HTyO1kYa0UYjPOg&google_push=AXcoOmQ0nCchCVFG_Vuut1uW5HCgpIPAGl-ImSXvKj8UQ80GZieJRdKOEsJMC0-nLQ4YyDRL5WbbmJH8RjgL4XepWVSZyxKyt3UEyOc

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 18:30:58 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=w60dX_1HTyO1kYa0UYjPOg&google_push=AXcoOmQ0nCchCVFG_Vuut1uW5HCgpIPAGl-ImSXvKj8UQ80GZieJRdKOEsJMC0-nLQ4YyDRL5WbbmJH8RjgL4XepWVSZyxKyt3UEyOc
x-host: tde-deliveryengine-production-845fcd7858-lz74l
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 065E 43 B
146 B 112ms
33ms Image
image/gif 3.123.242.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ1kr0q04mp9vc6D5G7CwIM&google_cver=1&google_push=AXcoOmTYCzdTOKGOpzGh8SEZHiJ-z__wsA5gfmyZIFEyNglG7uYrxhQEoJnDzcC07QY_5pt8LG6IHmz7jDlumdbD-gkz5qJ8m0_OfdA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.242.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-242-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 065E 43 B
362 B 32ms
26ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRQYwQwcvlyBzwgZW4_miABHb3-jBrs4R7mYnxn-q2vR0IYRwNkr9pAbdAaaWbV-fgdT1bZKGDwLWgJmy6awN3wLQHOG3h1KAc&google_gid=CAESEOKa97S57rBzXCGAC6NLxX0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 230975
expires: Tue, 12 Sep 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 065E 0
12 B 46ms
43ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHBJDZv9XrU7PgFL15le3IejAGcRnN5b_sMLWMFBETXXXTkidLuxvFWMHs2Ln2pgEsBohM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DC7F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CN8qsYa4AZf6VIoXV6wTby56IC4q2ne9vy5eQ9bYNlL-1q64BEAEgz8OZc2CRhKCFjBigAdnj7sECyAEBqQKyk_JsigSyPqgDAcgDywSqBOQCT9AeYBTkgFveW6jAqhNsxBhIqTToEhI_dmY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22831027826563187998%22,%22debug_reporting%22:true,%22destination%22:%22https://domek.nl%22,%22event_report_window%22:%22259...

0
0

170ms
95ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22831027826563187998%22,%22debug_reporting%22:true,%22destination%22:%22https://domek.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22675000793%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226502207190647356785%22}&andc=true

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:59 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"831027826563187998","debug_reporting":true,"destination":"https://domek.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["675000793"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"6502207190647356785"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Sep 2023 18:30:59 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 18:30:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"831027826563187998","debug_reporting":true,"destination":"https://domek.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["675000793"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"6502207190647356785"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 11C1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:30:58 GMT
expires: Tue, 12 Sep 2023 18:30:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:30:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame A859 37 KB
14 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:08:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D05F
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKmCpifcpaDIlb8WZIiYD-Y&google_cver=1&google_push=AXcoOmRbJYxo8eNTr6T6MSZV-jAi6NZy1uiPGULUCOBLNVntXofOqO9ltG...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRbJYxo8eNTr6T6MSZV-jAi6NZy1uiPGULUCOBLNVntXofOqO9ltGEvUM5nKxwVYrbu6reMXthoi2lUdejrmWsJcfWjU_leng&google_hm=tBBPRNq4WM...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRbJYxo8eNTr6T6MSZV-jAi6NZy1uiPGULUCOBLNVntXofOqO9ltGEvUM5nKxwVYrbu6reMXthoi2lUdejrmWsJcfWjU_leng&google_hm=tBBPRNq4WMso9jZxfV2KMw

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRbJYxo8eNTr6T6MSZV-jAi6NZy1uiPGULUCOBLNVntXofOqO9ltGEvUM5nKxwVYrbu6reMXthoi2lUdejrmWsJcfWjU_leng&google_hm=tBBPRNq4WMso9jZxfV2KMw
pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D05F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOhmH2wu7qXccYJCx_wxU8M&google_cver=1&google_push=AXcoOmRzQBAiJzJkmDm24hNtj90gzaOks2mY-Z8m1-grjN6s_i59ElUaaWUFYLhPiIqBVcgYnCUnsQT0jfMIbEZfMV7VXzYwZlqimA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BAE417907EEF40AAAC2DAF945279B8E8&google_push=AXcoOmRzQBAiJzJkmDm24hNtj90gzaOks2mY-Z8m1-grjN6s_i59ElUaaWUFYLhPiIqBVcgYnCUnsQT0jfMIbEZ...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BAE417907EEF40AAAC2DAF945279B8E8&google_push=AXcoOmRzQBAiJzJkmDm24hNtj90gzaOks2mY-Z8m1-grjN6s_i59ElUaaWUFYLhPiIqBVcgYnCUnsQT0jfMIbEZfMV7VXzYwZlqimA

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 18:30:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BAE417907EEF40AAAC2DAF945279B8E8&google_push=AXcoOmRzQBAiJzJkmDm24hNtj90gzaOks2mY-Z8m1-grjN6s_i59ElUaaWUFYLhPiIqBVcgYnCUnsQT0jfMIbEZfMV7VXzYwZlqimA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 11 Sep 2023 18:30:59 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D05F
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENOh8l37bjGv6gtdupOBoyU&google_cver=1&google_push=AXcoOmRWZKMEpeyjASjX_erTQpoVh83EvJxBts-BNYzupOkleZbffuyz3pTPjY63XEGWfSS220UHYDZSLFq...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRWZKMEpeyjASjX_erTQpoVh83EvJxBts-BNYzupOkleZbffuyz3pTPjY63XEGWfSS220UHYDZSLFqhO6juiusfLNaszYHoOw&google_hm=NXGusf7zTVu4pxblvP...

170 B
188 B

45ms
43ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRWZKMEpeyjASjX_erTQpoVh83EvJxBts-BNYzupOkleZbffuyz3pTPjY63XEGWfSS220UHYDZSLFqhO6juiusfLNaszYHoOw&google_hm=NXGusf7zTVu4pxblvPM5IZU

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRWZKMEpeyjASjX_erTQpoVh83EvJxBts-BNYzupOkleZbffuyz3pTPjY63XEGWfSS220UHYDZSLFqhO6juiusfLNaszYHoOw&google_hm=NXGusf7zTVu4pxblvPM5IZU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D05F
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK85xXI0ukWTzciQxxBVP7s&google_cver=1&google_push=AXcoOmRCs8qimPw4VD0T5XPaKQCv7zCmzLTPqReBWO1Ruu28slEsrJIpnvgDVZeGTRt9s45cwAEfY50mSItamf...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRCs8qimPw4VD0T5XPaKQCv7zCmzLTPqReBWO1Ruu28slEsrJIpnvgDVZeGTRt9s45cwAEfY50mSItamfCga3GKpq7sW9t_&google_hm=hmUArmKxMIoW-4qDH...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRCs8qimPw4VD0T5XPaKQCv7zCmzLTPqReBWO1Ruu28slEsrJIpnvgDVZeGTRt9s45cwAEfY50mSItamfCga3GKpq7sW9t_&google_hm=hmUArmKxMIoW-4qDHg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6500AE62B1308A16FB8A831EBLIS

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRCs8qimPw4VD0T5XPaKQCv7zCmzLTPqReBWO1Ruu28slEsrJIpnvgDVZeGTRt9s45cwAEfY50mSItamfCga3GKpq7sW9t_&google_hm=hmUArmKxMIoW-4qDHg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6500AE62B1308A16FB8A831EBLIS
date: Tue, 12 Sep 2023 18:30:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D05F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC8LPOnyD0_AxB1xIrsdMAM&google_cver=1&google_push=AXcoOmQ_7JvH3nC8jKkpHYhVvUlX3SN9MFbUZ32O9vYY13wbFylgi9Dc7jtQYLi81d-NOjSr35U8H7oJAIEN2ZclXBqsTVK...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_7JvH3nC8jKkpHYhVvUlX3SN9MFbUZ32O9vYY13wbFylgi9Dc7jtQYLi81d-NOjSr35U8H7oJAIEN2ZclXBqsTVKypbHg9w&google_hm=eS1ybkFKU2tKRTJwR09F...

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_7JvH3nC8jKkpHYhVvUlX3SN9MFbUZ32O9vYY13wbFylgi9Dc7jtQYLi81d-NOjSr35U8H7oJAIEN2ZclXBqsTVKypbHg9w&google_hm=eS1ybkFKU2tKRTJwR09FTFFyQy5wd2hBRnFNczJFaWJTSH5B

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 18:30:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_7JvH3nC8jKkpHYhVvUlX3SN9MFbUZ32O9vYY13wbFylgi9Dc7jtQYLi81d-NOjSr35U8H7oJAIEN2ZclXBqsTVKypbHg9w&google_hm=eS1ybkFKU2tKRTJwR09FTFFyQy5wd2hBRnFNczJFaWJTSH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D05F
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOOm3m0IYtAOdh6IgDavz8s&google_cver=1&google_push=AXcoOmR68AEJClOTv6vMpXIxybHYX1-y6mTiemNJkLQkS8kR-2dL3FzF3lomLM2nFKa4NqjcITtmhw4GfYSTSkEV5Eay7wh...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOOm3m0IYtAOdh6IgDavz8s&google_cver=1&google_push=AXcoOmR68AEJClOTv6vMpXIxybHYX1-y6mTiemNJkLQkS8kR-2dL3FzF3lomLM2nFKa4NqjcITtmhw4GfYSTSkEV5Eay7...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR68AEJClOTv6vMpXIxybHYX1-y6mTiemNJkLQkS8kR-2dL3FzF3lomLM2nFKa4NqjcITtmhw4GfYSTSkEV5Eay7whaf48G

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR68AEJClOTv6vMpXIxybHYX1-y6mTiemNJkLQkS8kR-2dL3FzF3lomLM2nFKa4NqjcITtmhw4GfYSTSkEV5Eay7whaf48G

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR68AEJClOTv6vMpXIxybHYX1-y6mTiemNJkLQkS8kR-2dL3FzF3lomLM2nFKa4NqjcITtmhw4GfYSTSkEV5Eay7whaf48G
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 trk
ag.innovid.com/ Frame D05F 43 B
297 B 273ms
32ms Image
image/gif 2a05:d01c:1d8:8102:3f47:79b8:5807:be29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEVlj7N5odMZdgBd5leFuI4&google_cver=1&google_push=AXcoOmRgUwqLMpHUilndZEf7h7dCQUWsy-4WB2ZV2cUWFni8jUgYFXgXSd1CzS84Of9VZQrUSZBVi16qN9OKqa77SlL-pflk_hSWUw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:3f47:79b8:5807:be29 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Sep 2023 18:30:59 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D05F 0
12 B 44ms
43ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdjQKaH4tVjsn_16rTiLvCQrhYgUTFhWTrvMp35EiGkUusgVrm4m50xIz9ymJpdYILhNIx

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 8CF2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0df9df909be7d6baced1cef73e7c0a29a6de8973a0da6e7e8788e8284e97f04c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 62F3
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENEIei_V6iRFyLBswkL-_dk&google_cver=1&google_push=AXcoOmT2Fl3z7erpDKPuwmmhJDi-T7IixLGsfviKrYlKqHc3i2BJI_rR5HrvMPV9W9uYz42QbqAWCEg9BXeUBlv1DV_g18VM30Yh180
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk5NDE0ODQ4MTY2MTMxNjEyOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1

43 B
398 B

85ms
83ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_QsHMdzBA41b4nStZt-PA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62F3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH3A2VAYxlR-eMRh2YR5ZHA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH3A2VAYxlR-eMRh2YR5ZHA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVB1bUJvWmkxUUc4YTc1&google_gid=CAESEH3A2VAYxlR-eMRh2YR5ZHA&google_cver=1&google_push=AXcoOmQVF-6Ni7sk-VU1Vl5Lxog-FqxfnVlUW9DrE3-T_al...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVB1bUJvWmkxUUc4YTc1&google_gid=CAESEH3A2VAYxlR-eMRh2YR5ZHA&google_cver=1&google_push=AXcoOmQVF-6Ni7sk-VU1Vl5Lxog-FqxfnVlUW9DrE3-T_aljnQWRkcTN4w9UgRnJ3yzBHjSRpsSTp3Iz7V-AVCnUI4BT5L0O3ZtGxQdO

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Sep 2023 18:30:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVB1bUJvWmkxUUc4YTc1&google_gid=CAESEH3A2VAYxlR-eMRh2YR5ZHA&google_cver=1&google_push=AXcoOmQVF-6Ni7sk-VU1Vl5Lxog-FqxfnVlUW9DrE3-T_aljnQWRkcTN4w9UgRnJ3yzBHjSRpsSTp3Iz7V-AVCnUI4BT5L0O3ZtGxQdO
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 62F3 70 B
149 B 136ms
42ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJJgn4PxfVv90B1wSlONCoY&google_cver=1&google_push=AXcoOmTNrkz7QgvVP9Xti4iDSF4JDdLvCbp_h6872h-NqA3ReGOM5i9IsKfbNTKrze7VOUNehHRUUHB7u8iAua8CcCv-xga9GrOkGrE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:59 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62F3
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK85xXI0ukWTzciQxxBVP7s&google_cver=1&google_push=AXcoOmTA7QpHfKxCkZBu_HrtPrqPh_-qnX-BNqIu0EaIM5e_sJ-FQC5RxWWCQPsRey1ciWHLAomrlPrIQV_hej...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTA7QpHfKxCkZBu_HrtPrqPh_-qnX-BNqIu0EaIM5e_sJ-FQC5RxWWCQPsRey1ciWHLAomrlPrIQV_hejGaQakg8zwymQae1aBn&google_hm=hmUArmKxMIoW-...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTA7QpHfKxCkZBu_HrtPrqPh_-qnX-BNqIu0EaIM5e_sJ-FQC5RxWWCQPsRey1ciWHLAomrlPrIQV_hejGaQakg8zwymQae1aBn&google_hm=hmUArmKxMIoW-4qDHg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6500AE62B1308A16FB8A831EBLIS

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTA7QpHfKxCkZBu_HrtPrqPh_-qnX-BNqIu0EaIM5e_sJ-FQC5RxWWCQPsRey1ciWHLAomrlPrIQV_hejGaQakg8zwymQae1aBn&google_hm=hmUArmKxMIoW-4qDHg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6500AE62B1308A16FB8A831EBLIS
date: Tue, 12 Sep 2023 18:30:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62F3
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIcUHCoTYHitWw29yHH5Njw&google_cver=1&google_push=AXcoOmQRYLC20TQgt3Xi84NySXvxwbI7BseS-TXtQOh7s3FQmKC59njwfEahNWoA48ggtr8OxS2HStcwiqMPIEHS...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1EZhKl1eSnCZ-8KrEqbT6Q&google_push=AXcoOmQRYLC20TQgt3Xi84NySXvxwbI7BseS-TXtQOh7s3FQmKC59njwfEahNWoA48ggtr8OxS2HStcwiqMPIEHS30uj4234Sy2-bu4Z

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1EZhKl1eSnCZ-8KrEqbT6Q&google_push=AXcoOmQRYLC20TQgt3Xi84NySXvxwbI7BseS-TXtQOh7s3FQmKC59njwfEahNWoA48ggtr8OxS2HStcwiqMPIEHS30uj4234Sy2-bu4Z

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 18:30:58 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1EZhKl1eSnCZ-8KrEqbT6Q&google_push=AXcoOmQRYLC20TQgt3Xi84NySXvxwbI7BseS-TXtQOh7s3FQmKC59njwfEahNWoA48ggtr8OxS2HStcwiqMPIEHS30uj4234Sy2-bu4Z
x-host: tde-deliveryengine-production-845fcd7858-tllsl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 62F3 43 B
145 B 44ms
34ms Image
image/gif 3.123.242.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ1kr0q04mp9vc6D5G7CwIM&google_cver=1&google_push=AXcoOmRtSk1DZm0Pw4cpk1m79uuxvD2oI6g4mxIwjUlD3yn1VRdGyEAVM1REv4wJfyWO_v-SzNotN7wpmNsVHXurHz2t8b59dFNXzcIn
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.242.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-242-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62F3
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAZbGN8M7BntPemLoC1i4ZQ&google_cver=1&google_push=AXcoOmQ9Pj7kGyiVIsmBoZtvMeNJyyEE5p-zCMv0-XRYc1b8QGtKX9K2iooluN9fkHpgy1s3SvZno27-DnH9...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ9Pj7kGyiVIsmBoZtvMeNJyyEE5p-zCMv0-XRYc1b8QGtKX9K2iooluN9fkHpgy1s3SvZno27-DnH9CQ3hhyu99bpntprEv0Oi

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ9Pj7kGyiVIsmBoZtvMeNJyyEE5p-zCMv0-XRYc1b8QGtKX9K2iooluN9fkHpgy1s3SvZno27-DnH9CQ3hhyu99bpntprEv0Oi

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:30:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ9Pj7kGyiVIsmBoZtvMeNJyyEE5p-zCMv0-XRYc1b8QGtKX9K2iooluN9fkHpgy1s3SvZno27-DnH9CQ3hhyu99bpntprEv0Oi
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 62F3 0
12 B 41ms
40ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUSBxH4EB9uR5g0DNeINnC9cgaSzxtuht8eCU5wZIjtTfZBcLnc2Pg5U5H6op62xngahKz

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame B93B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15bdc95797aa4affd5cb602d95f4c5ede7844fc4d15ba005f434534a9db89da2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A0E8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
44ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:30:59 GMT
expires: Tue, 12 Sep 2023 18:30:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:30:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EACA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
45ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:30:59 GMT
expires: Tue, 12 Sep 2023 18:30:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:30:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame BD05 37 KB
14 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:08:33 GMT

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame EDF8 37 KB
14 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:08:33 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8CF2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CAVzrYa4AZf-VIoXV6wTby56IC4q2ne9vy5eQ9bYNlL-1q64BEAEgz8OZc2CRhKCFjBigAdnj7sECyAEBqQKyk_JsigSyPqgDAcgDywSqBOMCT9AJH6JLqWYBkluZTpC1Nb-mRl9VhIwzW_7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221119040664988043286%22,%22debug_reporting%22:true,%22destination%22:%22https://domek.nl%22,%22event_report_window%22:%2225...

0
0

95ms
94ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221119040664988043286%22,%22debug_reporting%22:true,%22destination%22:%22https://domek.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22675000793%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217499751766713169713%22}&andc=true

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:59 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1119040664988043286","debug_reporting":true,"destination":"https://domek.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["675000793"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"17499751766713169713"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Sep 2023 18:30:59 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 18:30:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1119040664988043286","debug_reporting":true,"destination":"https://domek.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["675000793"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"17499751766713169713"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B93B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq8LWYa4AZYCWIoXV6wTby56IC7ayne9vk5mQ9bYN_viA2sMBEAEgz8OZc2CRhKCFjBigAdnj7sECyAEBqQKyk_JsigSyPqgDAcgDywSqBOYCT9CBR4pkIgMzLle9UxXlkQFtuyFsLVqUn9o...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228943580487965065200%22,%22debug_reporting%22:true,%22destination%22:%22https://domek.nl%22,%22event_report_window%22:%2225...

0
0

94ms
94ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228943580487965065200%22,%22debug_reporting%22:true,%22destination%22:%22https://domek.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22675000793%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213331568590710184897%22}&andc=true

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=efb720285b2f4bf9b1c31668b81689ff&sub2=mx-sms-welcome3&sub3=sl-crm&sub4=0&sub5=&sub6=5&sub7=&sub8=&sub9=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:59 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8943580487965065200","debug_reporting":true,"destination":"https://domek.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["675000793"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"13331568590710184897"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Sep 2023 18:30:59 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 18:30:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8943580487965065200","debug_reporting":true,"destination":"https://domek.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["675000793"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"13331568590710184897"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 96ms
95ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 18:30:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 98ms
97ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 18:30:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 96ms
96ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 18:30:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 83ms
82ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230907&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e753f029e09a34a00ed5c791712be7f7a49837185ac4da03853568aa9df8854e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11654
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 18:30:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4069 13 KB
5 KB 36ms
32ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 5352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 17:01:47 GMT
expires: Wed, 11 Sep 2024 17:01:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49A5 829 B
559 B 45ms
44ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91f3ffa24495493c254fd34153758995e947f5c1e6ff80300a673f59c75367e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Juo9lMJkOqc-nqQT_9R-zA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-Juo9lMJkOqc-nqQT_9R-zA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:30:59 GMT
expires: Tue, 12 Sep 2023 18:30:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4069 37 KB
14 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:08:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 49A5 0
0 160ms
159ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230907&jk=911798413310443&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B93B 42 B
64 B 146ms
146ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSdLCPrQZES0hN-_0963bRhc0-qblGEGXf-c6KReR8Hh9XyLw8gJELMLSI8S3-lGc8m0bbnhJXuXyLiETU2lqq-e7oiXEK1m6-HwUo1uqZgGlh2zzbfNvtKeilK4Wi4GaMwdE-f30XfZA1&sai=AMfl-YTmtSfwwkxyOAvv7Tn1wStTAeOvilgmKz0idOtrgvtDzV9rPOAt8W-h8zzO9gL2Sy5nVFkFw44-YG52RqjBgV9v7EDlNjXFDxc&sig=Cg0ArKJSzKPbKQvT-lwpEAE&cid=CAQSKQBpAlJWCalzyPKTfzat6YlOgjsDFsDZsxOr3qRxZKCsI99OVXLE_8YuGAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694543458566&rpt=364&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:31:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CF2 42 B
64 B 144ms
144ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4cKeNZXVznW55JnC1BPmXluzk-W_OKT-Z4SdhQcFhUF5cPkQDwJcEBrLgpxsqdUE2PCc52beehhSr1aNcFjANz2cCD4vcu1T6IHniP4TcA82LP9mBGf_keWs9cJnYS-ncm_Lvxx77QedM&sai=AMfl-YQJziTnzQBn1055fw-MQQjmacA_B9kIzQyomqiHAUALrzHohou4noZ_GnBQVBQqom3ouf3k-Wii7qhooE_O-XteBqSi4QxTbKQ&sig=Cg0ArKJSzHF8dl4rbPvzEAE&cid=CAQSKQBpAlJWCalzyPKTfzat6YlOgjsDFsDZsxOr3qRxZKCsI99OVXLE_8YuGAE&id=lidar2&mcvt=1002&p=0,0,600,200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694543458565&rpt=353&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 18:31:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4069 0
10 B 32ms
32ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dCCJuw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:31:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 166ms
166ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230907&jk=911798413310443&bg=!PD-lP3DNAAa6D61Rmg87ADQBe5WfOOqX75eXLRnftYbsOwIaGxtdHaJzADXWchRpKWPBmoxeSV9wjzd2C5oFfhVccsy0AgAAADpSAAAACGgBBwoApoX2bGZzXHWjbcGDA9iIzpV6GIP0hHsFFFWPNMJdxL2N5XxjPmF21rSWZzVdVPsGy456O7ZU6tGlQue0nDUhGGD64Ek8VjZWx6cCpNPh4zhnMU9BhwdinoNqi6x2my4nQ_jP2MEofPzvlBiAZz_09dW6WMxWiEzVicnEc-2ptt1voweIMQsZy9hqyTIEUS19mSw8LZTYBYINwdTdwJNowr8ZkHwnUwCZAro0I8LU4L8oiSVdKs4xe4IaS0LeTAZlcI7Hn_bZtwgUr_EKsP-3ZK0MrfMKFnTQX43BTIBEJV8kp3L8IgUZYXRTI8ubjM9ZIPotEh9OVNseb51WYZax33K25yPJnBfOV2y8kiDAxfknBgYNyWDDyE8HW2Lud9CJGkasFoh8eh1YNu2m9OhkqZHLkIA_qYpM_nWTQgPSVoR0ErQchb98_A1olBYrTCpKQGoonEIK3x8zRgng8pIg2B8msR2ikFXJcD5Hi9z5Q384re4FVkXfnVZ_jiGWjD1U6C99INJ4rr4_TSGhVtBZsKb2U3Ve5ueWPUQZPo12W4tLj4qGQ2gdSqd3aKC0ZWpcIbUARI6iYQl1Vm2jUazjXI1WuNrXTnMlHFuRXpOIXR4mFiLskS9c2811ici4jAG7Nkz85j3OLmh1BmRWcP58lq5uXcvM90vrYQDKUPvv5wcJTEOxmcAzB71sFM1Hi6fNvHQYen168_HzrV7pp9f6E00KFrCJDLtpg3M0Xhbc8BuTZa3URLQQeSq5ZU-vhBPTKsFpVxN9mYblNLvLAnW22r3TZ6gwEtUFmAD1Fw3LC-U_4idrz76URm3cUAyTdGLLom1LNEIuS9rz6eK5MwGMLCDbW6e5TUHden5ZKFAJeq1XUY01T5TSdobW9cAUZAXeN1KKjpSNpEg5tI6WCeiCwApr8-zKEYxL3Iv6-9kk_JFWKugWui2VEHdZ84vCZ1_xwgr85v-EDU2Ae1tSyAekgRO0df5L7SvXkfuWwJ6Kp_LSGreadhKUcJK3iSYImRiH6h8nLsGzAQN1Ls9jxTSsx4ShDtg2MRFurypzn3A7cjG9wdzXTtZZ6Frd1YQHLHAUXHwfGEM62p6MMFpDdkb1qd0KkGEoMfVoFjtujNhM9KCEZriZBO9VSzGSAkxNTej20OEuDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
track.crezu.net/	1970-01-20 23:27:59	Name: afclick Value: 6500ae5fc5c3ad0001519846
track.crezu.net/	1970-01-20 23:27:59	Name: afoffers Value: {"216":1694543455}
.andacredito.mx/	1970-01-20 19:01:35	Name: sbjs_migrations Value: 1418474375998%3D1
.andacredito.mx/	1970-01-20 19:01:35	Name: sbjs_current_add Value: fd%3D2023-09-12%2020%3A30%3A56%7C%7C%7Cep%3Dhttps%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D%7C%7C%7Crf%3D%28none%29
.andacredito.mx/	1970-01-20 19:01:35	Name: sbjs_first_add Value: fd%3D2023-09-12%2020%3A30%3A56%7C%7C%7Cep%3Dhttps%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D%7C%7C%7Crf%3D%28none%29
.andacredito.mx/	1970-01-20 19:01:35	Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.andacredito.mx/	1970-01-20 19:01:35	Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.andacredito.mx/	1970-01-20 19:01:35	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F116.0.5845.187%20Safari%2F537.36
.andacredito.mx/	1970-01-20 14:42:25	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3Defb720285b2f4bf9b1c31668b81689ff%26sub2%3Dmx-sms-welcome3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D5%26sub7%3D%26sub8%3D%26sub9%3D
andacredito.mx/	1970-01-20 14:42:25	Name: landingOffersVisit Value: {"sub1":"efb720285b2f4bf9b1c31668b81689ff","sub2":"mx-sms-welcome3"}
andacredito.mx/	1970-01-20 14:43:49	Name: test_flow Value: control_a
.andacredito.mx/	1970-01-20 16:51:59	Name: _gcl_au Value: 1.1.309555220.1694543457
.andacredito.mx/	1970-01-21 00:18:23	Name: _ga Value: GA1.1.1289939299.1694543457
andacredito.mx/	1970-01-20 14:42:25	Name: uuidv4 Value: 79282a0f-f447-4c47-bf83-34bc044b5c7c
.andacredito.mx/	1970-01-21 00:03:59	Name: __gads Value: ID=3083ac1670c28659-22f4b6706fde0089:T=1694543457:RT=1694543457:S=ALNI_MZHpbWx5GXd-IeGxKFepARk2FZoOA
.andacredito.mx/	1970-01-21 00:03:59	Name: __gpi Value: UID=00000d921561af2d:T=1694543457:RT=1694543457:S=ALNI_MYkGFqhUvJwxQQdebVTrxhZFh1J2w
.blismedia.com/	1970-01-20 23:28:03	Name: b Value: 6500AE62B1308A16FB8A831EBLIS
.turn.com/	1970-01-20 19:01:35	Name: uid Value: 8994148481661316129
.rlcdn.com/	1970-01-20 23:27:59	Name: rlas3 Value: GJyQhwAZP3PLe0FLxNls/MLklaGi5yyC3GYaS5V6HiI=
.quantserve.com/	1970-01-20 16:51:59	Name: d Value: EEYBCQH3KYEA
.quantserve.com/	1970-01-21 00:12:37	Name: mc Value: 6500ae62-8f81d-69dab-673d3
.rlcdn.com/	1970-01-20 16:08:47	Name: pxrc Value: COLcgqgGEgUI6AcQABIGCOndKhAA
.yahoo.com/	1970-01-20 23:28:21	Name: A3 Value: d=AQABBGKuAGUCEJekTwK3S6oAhsnzUonSUggFEgEBAQH_AWUKZQAAAAAA_eMAAA&S=AQAAAlRY2_VaTqV6ie3wvPuE9Ew
.andacredito.mx/	1970-01-21 00:18:23	Name: _ga_EM2MYKZJLX Value: GS1.1.1694543456.1.0.1694543458.58.0.0
.travelaudience.com/	1970-01-21 00:12:37	Name: _tracker Value: %7B%22UUID%22%3A%22D446612A-5D5E-4A70-19FB-C2AB12A6D3E9%22%7D
.adfarm1.adition.com/	1970-01-20 16:51:59	Name: UserID1 Value: 7278008733790632082
.doubleclick.net/	1970-01-20 14:42:27	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-20 23:27:59	Name: gid_CAESENOh8l37bjGv6gtdupOBoyU Value: 1
.ctnsnet.com/	1970-01-20 23:27:59	Name: cid_3571aeb1fef34d5bb8a716e5bcf33921 Value: 1
.simpli.fi/	1970-01-20 23:29:25	Name: suid Value: BAE417907EEF40AAAC2DAF945279B8E8
.de17a.com/	1970-01-20 23:20:47	Name: guid Value: 1.5793576383462343316
.w55c.net/	1970-01-21 00:12:37	Name: wfivefivec Value: mPumBoZi1QG8a75
.w55c.net/	1970-01-20 15:25:35	Name: matchgoogle Value: 5
.innovid.com/	1970-01-20 16:51:59	Name: uuid Value: 0f79c44d-9787-4977-a2a9-9363d1a0280a-20230912 14:30:59
.googleadservices.com/	1970-01-20 16:51:59	Name: ar_debug Value: 1
.tribalfusion.com/	1970-01-20 16:51:59	Name: ANON_ID Value: aXntuJOZb3VgUEjUAujypqfoJtZbajbZcSojL4P675kjtw9UfZbaGP4UJsP2YK9cZdE7IrOdjIudR01XDpm49JsNKNFcZc
.doubleclick.net/	1970-01-21 00:03:59	Name: IDE Value: AHWqTUn2fZ5LBbpJF_wARXjUWDhCWz-NMdMjV6U-m4unfGTdD_o326WEqcw7_TWwxVA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
ag.innovid.com
andacredito.mx
cdn.crezu.net
cdn.morecashpls.com
clnk.si
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
events.crezu.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
id.rlcdn.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
s.tribalfusion.com
sl.crezu.mx
sl.crezu.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.blismedia.com
track.crezu.net
um.simpli.fi
workers.crezu.net
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.194
142.250.185.226
178.250.1.9
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.185
2606:4700::6812:19ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9c
2a02:fa8:8806:20::2040
2a05:d018:d29:3605:316a:16ef:4691:e00e
2a05:d01c:1d8:8102:3f47:79b8:5807:be29
2a06:98c1:3121::3
3.120.226.29
3.123.242.198
3.33.220.150
34.107.249.96
34.77.94.206
34.90.46.36
34.91.62.186
34.96.105.8
35.186.193.173
35.190.0.66
35.201.76.189
35.235.93.22
35.240.92.105
35.241.222.91
35.244.174.68
51.89.9.252
85.114.159.118
0210f43e51bea294e09675180d227d940563f7b29c0ca84a5a9a5337c802fbda
053ad4c814aa7586e81a34f6d08db3cc95682a6445f05f5c4a177b0dddf87543
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbf907d6c66bcd540901a6b2b26b9dbe8a353163dc1fd31febdc090e92d2bef
0df9df909be7d6baced1cef73e7c0a29a6de8973a0da6e7e8788e8284e97f04c
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
15bdc95797aa4affd5cb602d95f4c5ede7844fc4d15ba005f434534a9db89da2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a49454b27284f8a409abfe02ee82f6aca81c42481091e6710bc2d8aa2ade16
194d53b4483d0fc25f7ccf7f5431893376d633324170f6366d4de0eb102fe25e
211e094c1dd908e57c089091b6009b69ab57c591aa1cac3aa6ff80339441c70d
2947cfa33e2bcd40666fb9ecd853d7055ee7c6d116303c27ea97416a5133e1dd
2d11cd23dbdf741a4cf3e7765c1e8fb43dacaa9d149fcb26b162e0aa9c87a796
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3353dbadebb12047d42fe8bf09b3f2650eb1c7e8f8aa42befcff6c78ef1974dc
3524705a4e41f826d205a6a2da1cde39f5f27725fc91971e87a7a68cdeeb2821
3a1901faf207ae43fd6e00a47ad92fb729ef33e588191775577c8fc2f37cc1b0
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497cb0686a5f7b490fd58b319740c7b50a68918644b66f6c289d266b768be6e1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
520d30c512c9204e2e3ebd00881bd49d4b03126b288b8cc56c69a9b6618c5347
537de93db1bad17008808b88ead6c3ceed9e8c54c7ce20806123f6e51ed4b4d3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56814b7d406e980f2304225a2a68993319fec77317a2fefc1b3223bf6237d855
59007db18fb460f46e101a5d9a656580322234f0c41e22cffff4b375022597ce
5bacac65cd03f5724f8e242261b6cd170831f4783c2f46c5885a9c32fdf84850
5e0440d1f014655b2a7c9a0ce23aa09e79d49d7afce588d3f7d54a89e92ceb6f
5e37eed5fe086f3d4b30f5918ce80d5dcd5c38473c6497c26160710addeea013
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63425a51bc14b66579166bac9b5902793d36bf0ba63a713e0517967c81d9a313
6bd90a11f15a6e28af278037393b9041e3d8489a317f18baf60ac3c9b21c5fcf
6c119d365fbfa2a92664014792d670928a767572e90434a25aa95b6af6f29671
6ea6ebe08f85bbfee5d196369ede9a3e5ee047c38034246ec4552a9168ff2a47
726308d60991c0af0e4e25515249c1a2adc3976fad41b2ca22bb8f1380ace4cb
80bd05600bda8e5e27d97dd0c120a6a3c5e33a28797e7aef84c6b4000b1edfff
8236d168322fe35d3a2e16f1786d9f37617b3a722aa109a94ca07f91cf171775
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9ab8b11d2f129ac5267cd2429b4e72710bf325dc719a67291128afc24c22a3
91f3ffa24495493c254fd34153758995e947f5c1e6ff80300a673f59c75367e9
937a4c01769bb19e6e7c195860b3a0d3d8a6d729be9608b39923b8013b3e6254
97d067ec411fe2fca3baca0556a1cfe331433d7a2e92a17edca9d2846d951883
98dbfa53fe85a70c1dd756cfbc10d74bf8540d82e1e0765894aebf5fe8f86e9b
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2bfd4107782129b2db1fbeca09be2eb6e311180f7349cd53ad32b2b6be82934
a9d019de6cb27c35845f9e26aa99dd8e2f01f04368f237c65f631578cb0dc1c8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c1f835e634193bba0f34a07e694532e8bdbe427e99e7130984c5765e53949be6
c50c9d76ad4e28c150f09dfa4f6d2fc6e1adb5eadf841b9b6a28ea55c3b45021
c801eaeb528d9ddb6fb95e2c2e61f7acb8ca89e494f35d4b60468ef8ecda3495
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
ceed65dceb1a6be9cf95f06f2070a0573aa605be00c24340fe07f4f9a8de30b9
d225ce3bf8b0b2c3cc1a8028659586ca30d3553ad3be2408e0a4ee3b0463eb3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422c9e7b193c43036b49343e86201a4adf09795984214ead171606cb4df86d5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6c5c461893723c63bc895efa9b77800585897c98156560e66e6db75a10f6b0d
e753f029e09a34a00ed5c791712be7f7a49837185ac4da03853568aa9df8854e
e99a79b67018d4f28948226a27d0aa7d3e7a2e71eefaa13993e323fe71ca0cd7
eac3f07815825f314cbd599406db39830c4c2a190e12b6f5a0224c1d49da9d96
ec68368115e7c1e9eeececfb003c990d971d917c84c94e9798fedbcf116decfc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
f59a9a1cc3478d4ed24a777a014bf55c53f7abd360f1c41ddd4160fb9c1b4759
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa503dfdadb36bfe3b366aaef36c3d4ed5ce5249923fdb979e6c530d6adcfcd3
fb5d224c0d6133efc6727f46d8b9120582df1b550370f4e6181e4d09334d0e57

andacredito.mx Open in urlscan Pro 35.235.93.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

86 %HTTPS

48 %IPv6

32 Domains

44 Subdomains

30 IPs

9 Countries

2683 kBTransfer

5677 kBSize

37 Cookies

9 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

andacredito.mx Open in urlscan Pro
35.235.93.22 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

86 %
HTTPS

48 %
IPv6

32
Domains

44
Subdomains

30
IPs

9
Countries

2683 kB
Transfer

5677 kB
Size

37
Cookies

160 HTTP transactions
3 data transactions